|
248991
|
6.5 |
MEDIUM
Network
|
puppet
|
mcollective-sshkey-security
|
The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an …
|
CWE-20
Improper Input Validation
|
CVE-2017-2298
|
2024-11-21 12:23 |
2017-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248992
|
9.0 |
CRITICAL
Network
|
puppet
|
mcollective
|
Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.sa…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-2292
|
2024-11-21 12:23 |
2017-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248993
|
8.8 |
HIGH
Network
|
apple
|
iphone_os
|
Use after free vulnerability in the String.replace method JavaScriptCore in Apple Safari in iOS before 10.3 allows remote attackers to execute arbitrary code via a crafted web page, or a crafted file.
|
CWE-416
Use After Free
|
CVE-2017-2491
|
2024-11-21 12:23 |
2017-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248994
|
7.8 |
HIGH
Local
|
baidu
|
simeji
|
Untrusted search path vulnerability in the [Simeji for Windows] installer (simeji.exe) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
CWE-426
Untrusted Search Path
|
CVE-2017-2219
|
2024-11-21 12:23 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248995
|
8.4 |
HIGH
Local
|
jiransoft
|
appcheck
appcheck_pro
|
Untrusted search path vulnerability in AppCheck and AppCheck Pro prior to version 2.0.1.15 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified direc…
|
CWE-426
Untrusted Search Path
|
CVE-2017-2214
|
2024-11-21 12:23 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248996
|
7.8 |
HIGH
Local
|
gsi
|
semidynaexe
|
Untrusted search path vulnerability in SemiDynaEXE (SemiDynaEXE2008.EXE) ver. 1.0.2 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
CWE-426
Untrusted Search Path
|
CVE-2017-2213
|
2024-11-21 12:23 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248997
|
7.8 |
HIGH
Local
|
gsi
|
tky2jgd
|
Untrusted search path vulnerability in TKY2JGD (TKY2JGD1379.EXE) ver. 1.3.79 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
CWE-426
Untrusted Search Path
|
CVE-2017-2212
|
2024-11-21 12:23 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248998
|
7.8 |
HIGH
Local
|
gsi
|
patchjgd
|
Untrusted search path vulnerability in PatchJGD (Hyoko) (PatchJGDh101.EXE) ver. 1.0.1 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
CWE-426
Untrusted Search Path
|
CVE-2017-2211
|
2024-11-21 12:23 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248999
|
7.8 |
HIGH
Local
|
gsi
|
patchjgd
|
Untrusted search path vulnerability in PatchJGD (PatchJGD101.EXE) ver. 1.0.1 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2017-2210
|
2024-11-21 12:23 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249000
|
7.8 |
HIGH
Local
|
santeikohyo
|
installer_of_houkokusyo_sakusei_shien_tool
|
Untrusted search path vulnerability in the installer of Houkokusyo Sakusei Shien Tool ver3.0.2 (For the first installation) (The version which was available on the website from 2017 April 4 to 2017 M…
|
CWE-426
Untrusted Search Path
|
CVE-2017-2209
|
2024-11-21 12:23 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
