|
247251
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7718
|
2024-11-21 12:32 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247252
|
8.8 |
HIGH
Network
|
squirrelmail
|
squirrelmail
|
SquirrelMail 1.4.22 (and other versions before 20170427_0200-SVN) allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call. It's possible to exploit …
|
CWE-20
Improper Input Validation
|
CVE-2017-7692
|
2024-11-21 12:32 |
2017-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247253
|
7.8 |
HIGH
Local
|
tenable
|
nessus
|
Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-7850
|
2024-11-21 12:32 |
2017-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247254
|
5.5 |
MEDIUM
Local
|
tenable
|
nessus
|
Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in Agent Mode.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-7849
|
2024-11-21 12:32 |
2017-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247255
|
6.1 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
A cross-site scripting (XSS) vulnerability in the MantisBT (2.3.x before 2.3.2) Timeline include page, used in My View (my_view_page.php) and User Information (view_user_page.php) pages, allows remot…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7897
|
2024-11-21 12:32 |
2017-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247256
|
6.1 |
MEDIUM
Network
|
trendmicro
|
interscan_messaging_security_virtual_appliance
|
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 before CP 1644 has XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2017-7896
|
2024-11-21 12:32 |
2017-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247257
|
7.5 |
HIGH
Network
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c,…
|
CWE-20
Improper Input Validation
|
CVE-2017-7645
|
2024-11-21 12:32 |
2017-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247258
|
7.5 |
HIGH
Network
|
capnproto
|
capnproto
|
Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on …
|
CWE-20
Improper Input Validation
|
CVE-2017-7892
|
2024-11-21 12:32 |
2017-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247259
|
6.1 |
MEDIUM
Network
|
sourcebans-pp_project
|
sourcebans-pp
|
sourcebans-pp (SourceBans++) 1.5.4.7 has XSS in admin.comms.php via the rebanid parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-7891
|
2024-11-21 12:32 |
2017-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247260
|
7.8 |
HIGH
Local
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the f…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-7889
|
2024-11-21 12:32 |
2017-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
