|
251731
|
7.8 |
HIGH
Local
|
scala-lang
|
scala
|
The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, and 2.12.x before 2.12.4 uses weak permissions for private files in /tmp/scala-devel/${USER:shared}/scalac-compile-server-port, w…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-15288
|
2024-11-21 12:14 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251732
|
5.3 |
MEDIUM
Local
|
psftp
|
psftpd
|
The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "…
|
CWE-287
CWE-522
Improper Authentication
Insufficiently Protected Credentials
|
CVE-2017-15272
|
2024-11-21 12:14 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251733
|
5.9 |
MEDIUM
Network
|
psftp
|
psftpd
|
A use-after-free issue could be triggered remotely in the SFTP component of PSFTPd 10.0.4 Build 729. This issue could be triggered prior to authentication. The PSFTPd server did not automatically res…
|
CWE-416
Use After Free
|
CVE-2017-15271
|
2024-11-21 12:14 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251734
|
5.3 |
MEDIUM
Network
|
psftp
|
psftpd
|
The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values (CSV) file. This can be used by attackers to hide data in the Graphical User Interface…
|
CWE-20
Improper Input Validation
|
CVE-2017-15270
|
2024-11-21 12:14 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251735
|
4.3 |
MEDIUM
Network
|
psftp
|
psftpd
|
The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans by default. These can be performed using "nmap -b" and allow performing scans via the FTP server.
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2017-15269
|
2024-11-21 12:14 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251736
|
6.8 |
MEDIUM
Adjacent
|
symantec
|
endpoint_encryption
|
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scena…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-15526
|
2024-11-21 12:14 |
2017-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251737
|
4.5 |
MEDIUM
Adjacent
|
symantec
|
endpoint_encryption
|
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the perpetrator attempts to make a particular machine o…
|
NVD-CWE-noinfo
|
CVE-2017-15525
|
2024-11-21 12:14 |
2017-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251738
|
6.5 |
MEDIUM
Network
|
suse
|
susefirewall2
|
The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and S…
|
NVD-CWE-noinfo
|
CVE-2017-15638
|
2024-11-21 12:14 |
2017-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251739
|
7.5 |
HIGH
Network
|
redhat
|
gluster_storage
|
It was discovered that the fix for CVE-2017-12163 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.
|
-
|
CVE-2017-15087
|
2024-11-21 12:14 |
2017-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251740
|
7.4 |
HIGH
Network
|
redhat
|
gluster_storage
|
It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.
|
-
|
CVE-2017-15086
|
2024-11-21 12:14 |
2017-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
