|
249591
|
9.8 |
CRITICAL
Network
|
qualcomm
|
mdm9206_firmware
mdm9607_firmware
msm8909w_firmware
sd_210_firmware
sd_212_firmware
sd_205_firmware
sd_425_firmware
sd_430_firmware
sd_450_firmware
sd_625_firmware
sd_65…
|
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, debug …
|
NVD-CWE-noinfo
|
CVE-2017-18071
|
2024-11-21 12:19 |
2018-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249592
|
7.5 |
HIGH
Network
|
qualcomm
|
mdm9206_firmware
mdm9607_firmware
qca6174a_firmware
qca6574_firmware
mdm9640_firmware
qca6574au_firmware
mdm9650_firmware
qca6584_firmware
qca6584au_firmware
sd_210_firmwar…
|
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA658…
|
CWE-200
Information Exposure
|
CVE-2017-18072
|
2024-11-21 12:19 |
2018-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249593
|
8.8 |
HIGH
Network
|
dolibarr
|
dolibarr_erp\/crm
|
Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities in versions through 7.0.0 via comm/propal/list.php (viewstatut parameter) or comm/propal/list.php (propal_statut parameter, aka …
|
CWE-89
SQL Injection
|
CVE-2017-18260
|
2024-11-21 12:19 |
2018-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249594
|
5.4 |
MEDIUM
Network
|
dolibarr
|
dolibarr_erp\/crm
|
Dolibarr ERP/CRM is affected by stored Cross-Site Scripting (XSS) in versions through 7.0.0.
|
CWE-79
Cross-site Scripting
|
CVE-2017-18259
|
2024-11-21 12:19 |
2018-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249595
|
6.5 |
MEDIUM
Network
|
atlassian
|
jira
jira_server
|
Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version…
|
CWE-862
Missing Authorization
|
CVE-2017-18101
|
2024-11-21 12:19 |
2018-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249596
|
6.1 |
MEDIUM
Network
|
atlassian
|
jira
|
The agile wallboard gadget in Atlassian Jira before version 7.8.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of quick fi…
|
CWE-79
Cross-site Scripting
|
CVE-2017-18100
|
2024-11-21 12:19 |
2018-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249597
|
6.5 |
MEDIUM
Network
|
xmlsoft
|
libxml2
|
The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not r…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-18258
|
2024-11-21 12:19 |
2018-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249598
|
6.1 |
MEDIUM
Network
|
atlassian
|
jira
|
The searchrequest-xml resource in Atlassian Jira before version 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through various fie…
|
CWE-79
Cross-site Scripting
|
CVE-2017-18098
|
2024-11-21 12:19 |
2018-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249599
|
5.4 |
MEDIUM
Network
|
atlassian
|
jira
|
The Trello board importer resource in Atlassian Jira before version 7.6.1 allows remote attackers who can convince a Jira administrator to import their Trello board to inject arbitrary HTML or JavaSc…
|
CWE-79
Cross-site Scripting
|
CVE-2017-18097
|
2024-11-21 12:19 |
2018-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249600
|
5.5 |
MEDIUM
Local
|
linux
debian
|
linux_kernel
debian_linux
|
The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate s…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-18257
|
2024-11-21 12:19 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
