|
249841
|
5.9 |
MEDIUM
Network
|
microsoft
horde
flipdogsolutions
r2mail2
apple
bloop
freron
mozilla
emclient
postbox-inc
roundcube
|
outlook
horde_imp
maildroid
r2mail2
mail
airmail
mailmate
thunderbird
emclient
postbox
webmail
|
The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a probl…
|
NVD-CWE-noinfo
|
CVE-2017-17688
|
2024-11-21 12:18 |
2018-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249842
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortiwlc
|
The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain unauthorized read/write access via a remote shell.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-17540
|
2024-11-21 12:18 |
2018-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249843
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortiwlc
|
The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to gain unauthorized read/write access via a remote shell.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-17539
|
2024-11-21 12:18 |
2018-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249844
|
7.5 |
HIGH
Network
|
fortinet
|
forticlient
forticlient_sslvpn_client
|
Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Clie…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-17543
|
2024-11-21 12:18 |
2018-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249845
|
8.8 |
HIGH
Network
|
foxitsoftware
|
phantompdf
foxit_reader
|
In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP files. The issue results from the lack of proper validation of the b…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17557
|
2024-11-21 12:18 |
2018-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249846
|
9.8 |
CRITICAL
Network
|
openslp
debian
canonical
redhat
lenovo
|
openslp
debian_linux
ubuntu_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_eus
enterprise_linux_server_tus
enterpr…
|
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17833
|
2024-11-21 12:18 |
2018-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249847
|
9.8 |
CRITICAL
Network
|
kliqqi
|
kliqqi_cms
|
SQL Injection exists in Kliqqi CMS 3.5.2 via the randkey parameter of a new story at the pligg/story.php?title= URI.
|
CWE-89
SQL Injection
|
CVE-2017-17902
|
2024-11-21 12:18 |
2018-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249848
|
5.4 |
MEDIUM
Network
|
kliqqi
|
kliqqi_cms
|
Kliqqi CMS 3.5.2 has XSS via a crafted group name in pligg/groups.php, a crafted Homepage string in a profile, or a crafted string in Tags or Description within pligg/submit.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-17889
|
2024-11-21 12:18 |
2018-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249849
|
5.3 |
MEDIUM
Network
|
ruby-lang
debian
|
ruby
debian_linux
|
Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTT…
|
CWE-113
HTTP Response Splitting
|
CVE-2017-17742
|
2024-11-21 12:18 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249850
|
7.8 |
HIGH
Local
|
google
|
android
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in a power driver ioctl handler, an …
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-17770
|
2024-11-21 12:18 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
