|
247581
|
6.1 |
MEDIUM
Network
|
kaltura
|
kaltura_server
|
An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "server-Lynx-12.11.0/admin_console/web/tools/XmlJWP…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6392
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247582
|
6.1 |
MEDIUM
Network
|
kaltura
|
kaltura_server
|
An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "admin_console/web/tools/SimpleJWPlayer.php" URL, t…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6391
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247583
|
6.1 |
MEDIUM
Network
|
soruly
|
whatanime.ga
|
An issue was discovered in whatanime.ga before c334dd8499a681587dd4199e90b0aa0eba814c1d. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "whatanime.ga-mast…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6390
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247584
|
7.5 |
HIGH
Network
|
atheme
|
atheme
|
Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in Atheme 7.2.7 allows a remote unauthenticated attacker to consume memory and cause a denial of service. This is fixed i…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-6384
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247585
|
8.6 |
HIGH
Network
|
openidc
|
mod_auth_openidc
|
The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "OID…
|
CWE-287
Improper Authentication
|
CVE-2017-6062
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247586
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-6415
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247587
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DEX file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6387
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247588
|
7.8 |
HIGH
Local
|
radare
|
radare2
|
The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified ot…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6319
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247589
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (inva…
|
CWE-415
Double Free
|
CVE-2017-6353
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247590
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted oper…
|
NVD-CWE-noinfo
|
CVE-2017-6348
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
