|
247501
|
9.8 |
CRITICAL
Network
|
sophos
|
astaro_security_gateway_firmware
|
Astaro Security Gateway (aka ASG) 7 allows remote attackers to execute arbitrary code via a crafted request to index.plx.
|
CWE-20
Improper Input Validation
|
CVE-2017-6315
|
2024-11-21 12:29 |
2017-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247502
|
5.9 |
MEDIUM
Network
|
f5
|
big-ip_local_traffic_manager
big-ip_application_acceleration_manager
big-ip_advanced_firewall_manager
big-ip_analytics
big-ip_access_policy_manager
big-ip_application_security_manager<…
|
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.1.2-HF1 and 13.0.0, an undisclosed type of responses may cause TMM to restart, causing an interruption of se…
|
NVD-CWE-noinfo
|
CVE-2017-6147
|
2024-11-21 12:29 |
2017-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247503
|
6.5 |
MEDIUM
Network
|
symantec
|
encryption_desktop
|
Symantec Encryption Desktop before SED 10.4.1MP2 can allow remote attackers to cause a denial of service (resource consumption) via crafted web requests."
|
NVD-CWE-noinfo
|
CVE-2017-6330
|
2024-11-21 12:29 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247504
|
7.5 |
HIGH
Network
|
libgd
debian
fedoraproject
canonical
|
libgd
debian_linux
fedora
ubuntu_linux
|
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
|
CWE-415
Double Free
|
CVE-2017-6362
|
2024-11-21 12:29 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247505
|
7.8 |
HIGH
Local
|
symantec
|
vip_access_for_desktop
|
Symantec VIP Access for Desktop prior to 2.2.4 can be susceptible to a DLL Pre-Loading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2017-6329
|
2024-11-21 12:29 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247506
|
8.8 |
HIGH
Adjacent
|
google
|
android
|
In the touch controller function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable may be controlled by the user and can lead to a buffer overflow.
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-6421
|
2024-11-21 12:29 |
2017-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247507
|
8.8 |
HIGH
Network
|
symantec
|
message_gateway
|
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of cross site request forgery (also known as one-click attack and is abbreviated as CSRF or XSRF), which is a type of malicious…
|
CWE-352
Origin Validation Error
|
CVE-2017-6328
|
2024-11-21 12:29 |
2017-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247508
|
5.5 |
MEDIUM
Local
|
clamav
|
clamav
|
The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.
|
CWE-416
Use After Free
|
CVE-2017-6420
|
2024-11-21 12:29 |
2017-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247509
|
7.8 |
HIGH
Local
|
libmspack_project
|
libmspack
|
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified oth…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6419
|
2024-11-21 12:29 |
2017-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247510
|
5.5 |
MEDIUM
Local
|
clamav
|
clamav
|
libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6418
|
2024-11-21 12:29 |
2017-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
