|
247691
|
4.3 |
MEDIUM
Network
|
plone
|
plone
|
Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2017-5524
|
2024-11-21 12:27 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247692
|
7.5 |
HIGH
Network
|
qnap
|
qts
|
QNAP QTS before 4.2.4 Build 20170313 allows local users to obtain sensitive Domain Administrator password information by reading data in an XOR format within the /etc/config/uLinux.conf configuration…
|
CWE-200
Information Exposure
|
CVE-2017-5227
|
2024-11-21 12:27 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247693
|
7.8 |
HIGH
Local
|
firejail_project
|
firejail
|
Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.
|
CWE-269
Improper Privilege Management
|
CVE-2017-5207
|
2024-11-21 12:27 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247694
|
9.0 |
CRITICAL
Network
|
firejail_project
|
firejail
|
Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.
|
NVD-CWE-noinfo
|
CVE-2017-5206
|
2024-11-21 12:27 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247695
|
6.7 |
MEDIUM
Local
|
avast
|
internet_security
pro_antivirus
free_antivirus
premier
|
Code injection vulnerability in Avast Premier 12.3 (and earlier), Internet Security 12.3 (and earlier), Pro Antivirus 12.3 (and earlier), and Free Antivirus 12.3 (and earlier) allows a local attacker…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2017-5567
|
2024-11-21 12:27 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247696
|
6.7 |
MEDIUM
Local
|
avg
|
internet_security
ultimate
anti-virus
|
Code injection vulnerability in AVG Ultimate 17.1 (and earlier), AVG Internet Security 17.1 (and earlier), and AVG AntiVirus FREE 17.1 (and earlier) allows a local attacker to bypass a self-protectio…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2017-5566
|
2024-11-21 12:27 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247697
|
6.7 |
MEDIUM
Local
|
trendmicro
|
premium_security
antivirus\+
internet_security
maximum_security
|
Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a s…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2017-5565
|
2024-11-21 12:27 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247698
|
5.5 |
MEDIUM
Local
|
jasper_project
|
jasper
|
The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5505
|
2024-11-21 12:27 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247699
|
9.8 |
CRITICAL
Network
|
debian
osgeo
|
debian_linux
mapserver
|
Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5522
|
2024-11-21 12:27 |
2017-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247700
|
7.1 |
HIGH
Local
|
virglrenderer_project
|
virglrenderer
|
The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and process cra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5580
|
2024-11-21 12:27 |
2017-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
