|
247201
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
phantompdf
|
Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8453
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247202
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory ex…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-8421
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247203
|
7.8 |
HIGH
Local
|
lame_project
|
lame
|
LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service (stack-based buffer overflow or heap-based bu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8419
|
2024-11-21 12:34 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247204
|
3.3 |
LOW
Local
|
rubocop_project
|
rubocop
|
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2017-8418
|
2024-11-21 12:34 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247205
|
2.4 |
LOW
Physics
|
avm
|
fritz\!os
|
Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with Firmware versions Fritz!OS 6.80 and 6.83 allows physically proximate attackers to view slices of previously transmitted packets …
|
CWE-200
Information Exposure
|
CVE-2017-8087
|
2024-11-21 12:33 |
2019-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247206
|
8.8 |
HIGH
Network
|
amcrest
|
ipm-721s_firmware
|
On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user". However, as a part of security analysis it was identified that a low privi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2017-8230
|
2024-11-21 12:33 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247207
|
9.8 |
CRITICAL
Network
|
amcrest
|
ipm-721s_firmware
|
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using b…
|
CWE-255
Credentials Management
|
CVE-2017-8229
|
2024-11-21 12:33 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247208
|
8.8 |
HIGH
Network
|
amcrest
|
ipm-721s_firmware
|
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours. Amcrest cloud services does not perform a thorough verification when allowing the user to add a new cam…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2017-8228
|
2024-11-21 12:33 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247209
|
9.8 |
CRITICAL
Network
|
amcrest
|
ipm-721s_firmware
|
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by the…
|
CWE-254
7PK - Security Features
|
CVE-2017-8227
|
2024-11-21 12:33 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247210
|
9.8 |
CRITICAL
Network
|
amcrest
|
ipm-721s_firmware
|
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. If the firmwa…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-8226
|
2024-11-21 12:33 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
