|
247031
|
9.8 |
CRITICAL
Network
|
freeradius
|
freeradius
|
The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, …
|
CWE-287
Improper Authentication
|
CVE-2017-9148
|
2024-11-21 12:35 |
2017-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247032
|
6.1 |
MEDIUM
Network
|
raygun
|
raygun4wp
|
The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a reflected XSS in sendtesterror.php (backurl parameter).
|
CWE-79
Cross-site Scripting
|
CVE-2017-9288
|
2024-11-21 12:35 |
2017-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247033
|
6.5 |
MEDIUM
Network
|
openldap
debian
redhat
mcafee
oracle
|
openldap
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_eus
enterprise_linux_server_tus
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged …
|
CWE-415
Double Free
|
CVE-2017-9287
|
2024-11-21 12:35 |
2017-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
247034
|
9.8 |
CRITICAL
Network
|
openvswitch
|
openvswitch
|
In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` in the function `ofputil_pull_ofp15_group_mod`.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9265
|
2024-11-21 12:35 |
2017-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247035
|
9.8 |
CRITICAL
Network
|
openvswitch
|
openvswitch
|
In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP, and IPv6 packets in the functions `extract_l3_ipv6`, `extr…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9264
|
2024-11-21 12:35 |
2017-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247036
|
6.5 |
MEDIUM
Adjacent
|
openvswitch
|
openvswitch
|
In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undefined role status reasons in the function `ofp_print_role_status_message` i…
|
CWE-20
Improper Input Validation
|
CVE-2017-9263
|
2024-11-21 12:35 |
2017-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247037
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-9262
|
2024-11-21 12:35 |
2017-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247038
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-9261
|
2024-11-21 12:35 |
2017-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247039
|
6.1 |
MEDIUM
Network
|
finecms_project
|
finecms
|
andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in the search page via the text-search parameter to index.php in a route=search action.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9252
|
2024-11-21 12:35 |
2017-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247040
|
6.1 |
MEDIUM
Network
|
finecms_project
|
finecms
|
andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in the sitename parameter to admin.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9251
|
2024-11-21 12:35 |
2017-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
