|
249821
|
6.1 |
MEDIUM
Network
|
vanguard_project
|
marketplace_digital_products_php
|
Vanguard Marketplace Digital Products PHP has XSS via the phps_query parameter to /search.
|
CWE-79
Cross-site Scripting
|
CVE-2017-17937
|
2024-11-21 12:19 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249822
|
8.8 |
HIGH
Network
|
vanguard_project
|
marketplace_digital_products_php
|
Vanguard Marketplace Digital Products PHP has CSRF via /search.
|
CWE-352
Origin Validation Error
|
CVE-2017-17936
|
2024-11-21 12:19 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249823
|
9.8 |
CRITICAL
Network
|
allmediaserver
|
allmediaserver
|
A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17932
|
2024-11-21 12:19 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249824
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflo…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17935
|
2024-11-21 12:19 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249825
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-17934
|
2024-11-21 12:19 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249826
|
6.1 |
MEDIUM
Network
|
bmc
|
remedy_mid-tier
|
BMC Remedy Mid Tier 9.1SP3 is affected by cross-site scripting (XSS). A DOM-based cross-site scripting vulnerability was discovered in a legacy utility.
|
CWE-79
Cross-site Scripting
|
CVE-2017-17678
|
2024-11-21 12:18 |
2021-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249827
|
8.8 |
HIGH
Network
|
bmc
|
remedy_mid-tier
|
BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-17677
|
2024-11-21 12:18 |
2021-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249828
|
5.3 |
MEDIUM
Network
|
bmc
|
remedy_mid-tier
|
BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by unauthenticated users, allowing for an attacker to hijack the system logs. This data can include user names …
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2017-17675
|
2024-11-21 12:18 |
2021-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249829
|
9.8 |
CRITICAL
Network
|
bmc
|
remedy_mid-tier
|
BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinti…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2017-17674
|
2024-11-21 12:18 |
2021-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249830
|
6.1 |
MEDIUM
Network
|
pexip
|
pexip_infinity
|
Pexip Infinity before 17 allows an unauthenticated remote attacker to achieve stored XSS via management web interface views.
|
CWE-79
Cross-site Scripting
|
CVE-2017-17477
|
2024-11-21 12:18 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
