|
247711
|
6.5 |
MEDIUM
Network
|
paloaltonetworks
|
pan-os
|
The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to read arbitrary files via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2017-5583
|
2024-11-21 12:27 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247712
|
9.8 |
CRITICAL
Network
|
schneider-electric
|
tableau_desktop
tableau_server
wonderware_intelligence
|
An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is insta…
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2017-5178
|
2024-11-21 12:27 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247713
|
6.1 |
MEDIUM
Network
|
silverstripe
|
silverstripe
|
There is XSS in SilverStripe CMS before 3.4.4 and 3.5.x before 3.5.2. The attack vector is a page name. An example payload is a crafted JavaScript event handler within a malformed SVG element.
|
CWE-79
Cross-site Scripting
|
CVE-2017-5197
|
2024-11-21 12:27 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247714
|
6.1 |
MEDIUM
Network
|
flexerasoftware
|
flexnet_publisher
|
Open redirect vulnerability in the lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) 11.14.1 and earlier, as used in Citrix License Server for Windows and the Citrix License S…
|
CWE-601
Open Redirect
|
CVE-2017-5571
|
2024-11-21 12:27 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247715
|
7.5 |
HIGH
Network
|
irssi
debian
|
irssi
debian_linux
|
Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket (]).
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5356
|
2024-11-21 12:27 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247716
|
7.5 |
HIGH
Network
|
irssi
|
irssi
|
Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via vectors involving strings that are not UTF8.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5196
|
2024-11-21 12:27 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247717
|
7.5 |
HIGH
Network
|
irssi
|
irssi
|
Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ANSI x8 color code.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5195
|
2024-11-21 12:27 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247718
|
7.5 |
HIGH
Network
|
irssi
debian
|
irssi
debian_linux
|
Use-after-free vulnerability in Irssi before 0.8.21 allows remote attackers to cause a denial of service (crash) via an invalid nick message.
|
CWE-416
Use After Free
|
CVE-2017-5194
|
2024-11-21 12:27 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247719
|
7.5 |
HIGH
Network
|
irssi
debian
|
irssi
debian_linux
|
The nickcmp function in Irssi before 0.8.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a message without a nick.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-5193
|
2024-11-21 12:27 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247720
|
7.8 |
HIGH
Local
|
rapid7
|
metasploit
|
Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current wor…
|
CWE-426
Untrusted Search Path
|
CVE-2017-5235
|
2024-11-21 12:27 |
2017-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
