|
249861
|
4.8 |
MEDIUM
Network
|
pega
|
pega_platform
|
An XSS issue was discovered in Designer Studio in Pegasystems Pega Platform 7.1.7, 7.1.8, 7.1.9, 7.1.10, 7.2, 7.2.1, and 7.2.2. A user with developer credentials can insert malicious code (up to 64 c…
|
CWE-79
Cross-site Scripting
|
CVE-2017-17478
|
2024-11-21 12:18 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249862
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17767
|
2024-11-21 12:18 |
2018-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249863
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, multiple values received from firmware are not properly validated in wma_get_ll_stats_ext_buf() and are used to allocat…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-17765
|
2024-11-21 12:18 |
2018-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249864
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the num_failure_info value from firmware is not properly validated in wma_rx_aggr_failure_event_handler() so that an in…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-17764
|
2024-11-21 12:18 |
2018-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249865
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-17725
|
2024-11-21 12:18 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249866
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to ca…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17724
|
2024-11-21 12:18 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249867
|
8.1 |
HIGH
Network
|
exiv2
|
exiv2
|
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial o…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17723
|
2024-11-21 12:18 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249868
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
|
CWE-617
Reachable Assertion
|
CVE-2017-17722
|
2024-11-21 12:18 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249869
|
9.8 |
CRITICAL
Network
|
quest
|
netvault_backup
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The …
|
CWE-89
SQL Injection
|
CVE-2017-17659
|
2024-11-21 12:18 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249870
|
9.8 |
CRITICAL
Network
|
quest
|
netvault_backup
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The …
|
CWE-89
SQL Injection
|
CVE-2017-17658
|
2024-11-21 12:18 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
