|
258561
|
7.5 |
HIGH
Network
|
linaro
|
op-tee
|
Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key.
|
CWE-200
Information Exposure
|
CVE-2017-1000412
|
2024-11-21 12:04 |
2018-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258562
|
6.5 |
MEDIUM
Network
|
imagemagick
debian
canonical
|
imagemagick
debian_linux
ubuntu_linux
|
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-1000445
|
2024-11-21 12:04 |
2018-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258563
|
9.8 |
CRITICAL
Network
|
openhacker_project
|
openhacker
|
Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure and remote code execution
|
CWE-89
SQL Injection
|
CVE-2017-1000444
|
2024-11-21 12:04 |
2018-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258564
|
6.1 |
MEDIUM
Network
|
openhacker_project
|
openhacker
|
Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the browser.
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000443
|
2024-11-21 12:04 |
2018-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258565
|
5.4 |
MEDIUM
Network
|
passbolt
|
passbolt_api
|
Passbolt API version 1.6.4 and older are vulnerable to a XSS in the url field on the password workspace
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000442
|
2024-11-21 12:04 |
2018-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258566
|
5.9 |
MEDIUM
Network
|
erlang
debian
|
erlang\/otp
debian_linux
|
The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's priv…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2017-1000385
|
2024-11-21 12:04 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258567
|
7.4 |
HIGH
Adjacent
|
redhat
linux
debian
canonical
|
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
virtualization_host
enterprise_linux_server_tus
enterprise_linux_server_eus
enterprise_linux_server_aus…
|
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2017-1000407
|
2024-11-21 12:04 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258568
|
7.5 |
HIGH
Network
|
linux
debian
redhat
|
linux_kernel
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_eus
virtualization_host
enterprise_linux_server_tu…
|
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of…
|
CWE-200
Information Exposure
|
CVE-2017-1000410
|
2024-11-21 12:04 |
2017-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258569
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In suc…
|
CWE-362
Race Condition
|
CVE-2017-1000405
|
2024-11-21 12:04 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258570
|
7.5 |
HIGH
Network
|
opendaylight
|
karaf
|
OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change, allowing the old password to be used until the Karaf cache is manually cleared (e.g. via restart).
|
CWE-254
7PK - Security Features
|
CVE-2017-1000406
|
2024-11-21 12:04 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
