|
254151
|
4.3 |
MEDIUM
Network
|
atlassian
|
bitbucket
|
Various plugin servlet resources in Atlassian Bitbucket Server before version 5.3.7 (the fixed version for 5.3.x), from version 5.4.0 before 5.4.6 (the fixed version for 5.4.x), from version 5.5.0 be…
|
CWE-20
Improper Input Validation
|
CVE-2017-18088
|
2024-11-21 12:19 |
2018-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254152
|
7.5 |
HIGH
Network
|
atlassian
|
bitbucket
|
The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5…
|
NVD-CWE-noinfo
|
CVE-2017-18087
|
2024-11-21 12:19 |
2018-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254153
|
5.5 |
MEDIUM
Local
|
openr
|
opentmpfiles
|
OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which …
|
CWE-59
Link Following
|
CVE-2017-18188
|
2024-11-21 12:19 |
2018-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254154
|
9.8 |
CRITICAL
Network
|
arm
debian
|
mbed_tls
debian_linux
|
In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-18187
|
2024-11-21 12:19 |
2018-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254155
|
5.5 |
MEDIUM
Local
|
qpdf_project
|
qpdf
|
An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-18186
|
2024-11-21 12:19 |
2018-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254156
|
5.5 |
MEDIUM
Local
|
qpdf_project
|
qpdf
|
An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is caused by an integer overflow in the PNG filter.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18185
|
2024-11-21 12:19 |
2018-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254157
|
5.5 |
MEDIUM
Local
|
qpdf_project
|
qpdf
|
An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18184
|
2024-11-21 12:19 |
2018-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254158
|
5.5 |
MEDIUM
Local
|
qpdf_project
|
qpdf
|
An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter::enqueueObject() function in libqpdf/QPDFWriter.cc.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-18183
|
2024-11-21 12:19 |
2018-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254159
|
8.8 |
HIGH
Network
|
progress
|
sitefinity
|
Progress Sitefinity 9.1 uses wrap_access_token as a non-expiring authentication token that remains valid after a password change or a session termination. Also, it is transmitted as a GET parameter. …
|
CWE-287
Improper Authentication
|
CVE-2017-18179
|
2024-11-21 12:19 |
2018-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254160
|
6.1 |
MEDIUM
Network
|
progress
|
sitefinity
|
Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue in which an authentication token is sent to the redirection target, if the target is specified using a certain %40 syntax. This …
|
CWE-601
Open Redirect
|
CVE-2017-18178
|
2024-11-21 12:19 |
2018-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
