| 249461 | 7.8 | HIGH Local | rarlab | unrar | UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile). | CWE-787 Out-of-bounds Write | CVE-2017-20006 | 2024-11-21 12:22 | 2021-07-1 |
| 249462 | 9.8 | CRITICAL Network | f5 debian | nginx debian_linux | NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow (or a false modification date f… | CWE-190 Integer Overflow or Wraparound | CVE-2017-20005 | 2024-11-21 12:22 | 2021-06-7 |
| 249463 | 5.9 | MEDIUM Network | rust-lang | rust | In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues th… | CWE-362 Race Condition | CVE-2017-20004 | 2024-11-21 12:22 | 2021-04-14 |
| 249464 | 7.8 | HIGH Local | debian | debian_linux shadow | The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are… | CWE-269 Improper Privilege Management | CVE-2017-20002 | 2024-11-21 12:22 | 2021-03-17 |
| 249465 | 7.5 | HIGH Network | aes_encryption_project | aes_encryption | The AES encryption project 7.x and 8.x for Drupal does not sufficiently prevent attackers from decrypting data, aka SA-CONTRIB-2017-027. NOTE: This project is not covered by Drupal's security advisor… | CWE-326 Inadequate Encryption Strength | CVE-2017-20001 | 2024-11-21 12:22 | 2021-01-1 |
| 249466 | 5.9 | MEDIUM Network | hcltech | domino | "A vulnerability in the TLS protocol implementation of the Domino server could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threa… | CWE-326 Inadequate Encryption Strength | CVE-2017-1712 | 2024-11-21 12:22 | 2020-07-1 |
| 249467 | 6.1 | MEDIUM Network | ibm | inotes | "HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials." | CWE-79 Cross-site Scripting | CVE-2017-1659 | 2024-11-21 12:22 | 2020-07-1 |
| 249468 | 5.9 | MEDIUM Network | ibm | infosphere_streams | IBM InfoSphere Streams 4.2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134632. | CWE-326 Inadequate Encryption Strength | CVE-2017-1713 | 2024-11-21 12:22 | 2019-03-22 |
| 249469 | 7.5 | HIGH Network | ibm | qradar_security_information_and_event_manager | IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134177. | CWE-326 Inadequate Encryption Strength | CVE-2017-1695 | 2024-11-21 12:22 | 2019-02-16 |
| 249470 | 7.5 | HIGH Network | ibm | security_guardium | IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for att… | CWE-521 Weak Password Requirements | CVE-2017-1597 | 2024-11-21 12:22 | 2018-12-18 |