|
254201
|
9.8 |
CRITICAL
Network
|
commvault
|
commvault
|
A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before v11 SP6. A certain message parsing function inside the Commvault service does not properly validate th…
|
CWE-78
OS Command
|
CVE-2017-18044
|
2024-11-21 12:19 |
2018-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254202
|
6.5 |
MEDIUM
Network
|
atlassian
|
jira
|
The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery (C…
|
CWE-352
Origin Validation Error
|
CVE-2017-18033
|
2024-11-21 12:19 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254203
|
4.8 |
MEDIUM
Network
|
pulsesecure
|
pulse_connect_secure
|
A cross site scripting issue has been found in custompage.cgi in Pulse Secure Pulse Connect Secure (PCS) before 8.0R17.0, 8.1.x before 8.1R13, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 and Pulse Pol…
|
CWE-79
Cross-site Scripting
|
CVE-2017-17947
|
2024-11-21 12:19 |
2018-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254204
|
6.1 |
MEDIUM
Network
|
wpdownloadmanager
|
wordpress_download_manager
|
The download-manager plugin before 2.9.52 for WordPress has XSS via the id parameter in a wpdm_generate_password action to wp-admin/admin-ajax.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-18032
|
2024-11-21 12:19 |
2018-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254205
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-18029
|
2024-11-21 12:19 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254206
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-18028
|
2024-11-21 12:19 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254207
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-18027
|
2024-11-21 12:19 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254208
|
6.1 |
MEDIUM
Network
|
sophos
|
sfos
|
An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3. An unauthenticated user can trigger a persistent XSS vulnerability found in the WAF log pa…
|
CWE-79
Cross-site Scripting
|
CVE-2017-18014
|
2024-11-21 12:19 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254209
|
9.8 |
CRITICAL
Network
|
muvikoscript
|
muviko
|
Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to login.php; the (2) season_id parameter to themes/flixer/aj…
|
CWE-89
SQL Injection
|
CVE-2017-17970
|
2024-11-21 12:19 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254210
|
5.3 |
MEDIUM
Network
|
parity
|
browser
|
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websites via the Parity web proxy engine (reusing the c…
|
CWE-346
Origin Validation Error
|
CVE-2017-18016
|
2024-11-21 12:19 |
2018-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
