|
253281
|
5.4 |
MEDIUM
Network
|
paessler
|
prtg_network_monitor
|
PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all group names created, related to incorrect error handling for an HTML encoded script.
|
CWE-79
Cross-site Scripting
|
CVE-2017-15360
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253282
|
5.3 |
MEDIUM
Network
|
ewbf
|
cuda_zcash_miner
|
The miner statistics HTTP API in EWBF Cuda Zcash Miner Version 0.3.4b hangs on incoming TCP connections until some sort of request is made (such as "GET / HTTP/1.1"), which allows for a Denial of Ser…
|
NVD-CWE-noinfo
|
CVE-2017-15300
|
2024-11-21 12:14 |
2017-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253283
|
6.1 |
MEDIUM
Network
|
nexusphp_project
|
nexusphp
|
XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-15305
|
2024-11-21 12:14 |
2017-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253284
|
9.8 |
CRITICAL
Network
|
airtame
|
hdmi_dongle_firmware
|
/bin/login.php in the Web Panel on the Airtame HDMI dongle with firmware before 3.0 allows an attacker to set his own session id via a "Cookie: PHPSESSID=" header. This can be used to achieve persist…
|
CWE-384
Session Fixation
|
CVE-2017-15304
|
2024-11-21 12:14 |
2017-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253285
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointe…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-15299
|
2024-11-21 12:14 |
2017-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253286
|
5.5 |
MEDIUM
Local
|
git-scm
canonical
|
git
ubuntu_linux
|
Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an i…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-15298
|
2024-11-21 12:14 |
2017-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253287
|
5.9 |
MEDIUM
Network
|
infineon
|
trusted_platform_firmware
rsa_library
|
The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 13…
|
NVD-CWE-noinfo
|
CVE-2017-15361
|
2024-11-21 12:14 |
2017-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253288
|
6.1 |
MEDIUM
Network
|
wpjobboard
|
wpjobboard
|
Multiple client-side cross site scripting vulnerabilities have been discovered in the WpJobBoard v4.5.1 web-application for WordPress. The vulnerabilities are located in the `query` and `id` paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2017-15375
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253289
|
6.1 |
MEDIUM
Network
|
shopware
|
shopware
|
Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the customer and order section of the content management system backend modules. Remote attackers are able to inject malicious script c…
|
CWE-79
Cross-site Scripting
|
CVE-2017-15374
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253290
|
7.8 |
HIGH
Local
|
cpuid
|
cpu-z
|
In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver (e.g., cpuz143_x64.sys for version 1.43) that can result in information disclosure or elevation of privileges, be…
|
NVD-CWE-noinfo
|
CVE-2017-15302
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
