|
247591
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6347
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247592
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithread…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2017-6346
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247593
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possi…
|
CWE-20
Improper Input Validation
|
CVE-2017-6345
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247594
|
9.8 |
CRITICAL
Network
|
vim
|
vim
|
An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file,…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-6350
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247595
|
9.8 |
CRITICAL
Network
|
vim
|
vim
|
An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, whic…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-6349
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247596
|
5.9 |
MEDIUM
Local
|
grails
|
pdf_plugin
|
XML External Entity (XXE) vulnerability in Grails PDF Plugin 0.6 allows remote attackers to read arbitrary files via a crafted XML document.
|
CWE-611
XXE
|
CVE-2017-6344
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247597
|
8.1 |
HIGH
Network
|
dahuasecurity
|
camera_firmware
nvr_firmware
smartpss_firmware
|
The web interface on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 allows remote attac…
|
CWE-287
Improper Authentication
|
CVE-2017-6343
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247598
|
5.9 |
MEDIUM
Network
|
dahuasecurity
|
camera_firmware
nvr_firmware
smartpss_firmware
|
Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 send cleartext passwords in response to …
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2017-6341
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247599
|
9.8 |
CRITICAL
Network
|
dahuasecurity
|
camera_firmware
nvr_firmware
smartpss_firmware
|
An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPS…
|
CWE-269
Improper Privilege Management
|
CVE-2017-6342
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247600
|
5.9 |
MEDIUM
Network
|
mikrotik
|
routeros
|
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2017-6297
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
