|
253121
|
6.1 |
MEDIUM
Network
|
sugarcrm
|
sugarcrm
|
An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26). The WebToLeadCapture functionality is found vulnerable to unau…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14510
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253122
|
8.8 |
HIGH
Network
|
sugarcrm
|
sugarcrm
|
An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26). A remote file inclusion has been identified in the Connectors …
|
CWE-20
Improper Input Validation
|
CVE-2017-14509
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253123
|
8.8 |
HIGH
Network
|
sugarcrm
|
sugarcrm
|
An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 (and Sugar Community Edition 6.5.26). Several areas have been identified in the Documents and Emails…
|
CWE-89
SQL Injection
|
CVE-2017-14508
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253124
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application cras…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-14505
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253125
|
6.5 |
MEDIUM
Network
|
graphicsmagick
debian
|
graphicsmagick
debian_linux
|
ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer Dereference.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-14504
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253126
|
9.8 |
CRITICAL
Network
|
iball
|
ib-wra150n_firmware
|
An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs wi…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2017-14244
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253127
|
9.8 |
CRITICAL
Network
|
utstar
|
wa3002g4_firmware
|
An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials fr…
|
CWE-287
Improper Authentication
|
CVE-2017-14243
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253128
|
6.5 |
MEDIUM
Network
|
libarchive
|
libarchive
|
libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14503
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253129
|
7.5 |
HIGH
Network
|
libarchive
|
libarchive
|
read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_rea…
|
CWE-125
CWE-193
Out-of-bounds Read
Off-by-one Error
|
CVE-2017-14502
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253130
|
6.5 |
MEDIUM
Network
|
libarchive
|
libarchive
|
An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14501
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
