|
250041
|
9.8 |
CRITICAL
Network
|
clojure
|
clojure
|
In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-20189
|
2024-11-21 12:22 |
2024-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250042
|
9.8 |
CRITICAL
Network
|
floriangaerber
|
magnesium-php
|
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Magnesium-PHP up to 0.3.0. It has been classified as problematic. Affected is the function formatEmailString of the file src/Magnesium/Mes…
|
-
|
CVE-2017-20187
|
2024-11-21 12:22 |
2023-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250043
|
7.5 |
HIGH
Network
|
nikooo777
|
cksurf
|
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in nikooo777 ckSurf up to 1.19.2. It has been declared as problematic. This vulnerability affects the function SpecListMenuDead of the file c…
|
-
|
CVE-2017-20186
|
2024-11-21 12:22 |
2023-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250044
|
6.1 |
MEDIUM
Network
|
server_web_monitor_page_project
|
server_web_monitor_page
|
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Fuzzy SWMP. It has been rated as problematic. This issue affects some unknown processing of the file swmp.php of the component GET Paramet…
|
-
|
CVE-2017-20185
|
2024-11-21 12:22 |
2023-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250045
|
6.1 |
MEDIUM
Network
|
external_media_without_import_project
|
external_media_without_import
|
A vulnerability was found in External Media without Import Plugin up to 1.0.0 on WordPress. It has been declared as problematic. This vulnerability affects the function print_media_new_panel of the f…
|
CWE-79
Cross-site Scripting
|
CVE-2017-20183
|
2024-11-21 12:22 |
2023-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250046
|
7.5 |
HIGH
Network
|
gavazzionline
|
powersoft
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Carlo Gavazzi Powersoft up to version 2.1.1.1 allows an unauthenticated, remote attacker to download an…
|
-
|
CVE-2017-20184
|
2024-11-21 12:22 |
2023-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250047
|
6.1 |
MEDIUM
Network
|
mobilevikings
|
django_ajax_utilities
|
A vulnerability was found in Mobile Vikings Django AJAX Utilities up to 1.2.1 and classified as problematic. This issue affects the function Pagination of the file django_ajax/static/ajax-utilities/j…
|
CWE-79
Cross-site Scripting
|
CVE-2017-20182
|
2024-11-21 12:22 |
2023-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250048
|
5.5 |
MEDIUM
Local
|
vocable_trainer_project
|
vocable_trainer
|
A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0 on Android. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvide…
|
-
|
CVE-2017-20181
|
2024-11-21 12:22 |
2023-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250049
|
7.5 |
HIGH
Network
|
zerocoin
|
libzerocoin
|
A vulnerability classified as critical has been found in Zerocoin libzerocoin. Affected is the function CoinSpend::CoinSpend of the file CoinSpend.cpp of the component Proof Handler. The manipulation…
|
-
|
CVE-2017-20180
|
2024-11-21 12:22 |
2023-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250050
|
9.8 |
CRITICAL
Network
|
instedd
|
pollit
|
A vulnerability was found in InSTEDD Pollit 2.3.1. It has been rated as critical. This issue affects the function TourController of the file app/controllers/tour_controller.rb. The manipulation leads…
|
NVD-CWE-noinfo
|
CVE-2017-20179
|
2024-11-21 12:22 |
2023-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
