|
251961
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of servic…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17080
|
2024-11-21 12:17 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251962
|
7.5 |
HIGH
Network
|
dlink
|
dir-605l_model_b_firmware
|
An issue was discovered on D-Link DIR-605L Model B before FW2.11betaB06_hbrf devices, related to the code that handles the authentication values for HNAP. An attacker can cause a denial of service (d…
|
CWE-20
Improper Input Validation
|
CVE-2017-17065
|
2024-11-21 12:17 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251963
|
9.8 |
CRITICAL
Network
|
splunk
|
splunk
|
Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.x before 6.4.9, and 6.3.x before 6.3.12, when the SAML authType is enabled, mishandles SAML, which …
|
CWE-863
Incorrect Authorization
|
CVE-2017-17067
|
2024-11-21 12:17 |
2017-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251964
|
6.1 |
MEDIUM
Network
|
amtythumb_project
|
amtythumb
|
XSS exists in the amtyThumb amty-thumb-recent-post (aka amtyThumb posts or wp-thumb-post) plugin 8.1.3 for WordPress via the query string to amtyThumbPostsAdminPg.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-17059
|
2024-11-21 12:17 |
2017-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251965
|
7.5 |
HIGH
Network
|
automattic
|
woocommerce
|
The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. NOTE: a …
|
CWE-22
Path Traversal
|
CVE-2017-17058
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251966
|
5.5 |
MEDIUM
Local
|
aubio
|
aubio
|
In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file.
|
CWE-369
Divide By Zero
|
CVE-2017-17054
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251967
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing …
|
CWE-416
Use After Free
|
CVE-2017-17053
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251968
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The mm_init function in kernel/fork.c in the Linux kernel before 4.12.10 does not clear the ->exe_file member of a new process's mm_struct, allowing a local attacker to achieve a use-after-free or po…
|
CWE-416
Use After Free
|
CVE-2017-17052
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251969
|
7.8 |
HIGH
Local
|
tgsoft
|
vir.it_explorer
|
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730020 DeviceIoContr…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-17050
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251970
|
7.8 |
HIGH
Local
|
tgsoft
|
vir.it_explorer
|
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730010 DeviceIoContr…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-17049
|
2024-11-21 12:17 |
2017-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
