|
250801
|
6.5 |
MEDIUM
Network
|
python
|
python
|
The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exceptio…
|
CWE-369
Divide By Zero
|
CVE-2017-18207
|
2024-11-21 12:19 |
2018-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250802
|
9.8 |
CRITICAL
Network
|
zsh
canonical
|
zsh
ubuntu_linux
|
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-18206
|
2024-11-21 12:19 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250803
|
8.1 |
HIGH
Network
|
zsh_project
|
zsh
|
In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18205
|
2024-11-21 12:19 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250804
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.
|
NVD-CWE-noinfo
|
CVE-2017-18204
|
2024-11-21 12:19 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250805
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during crea…
|
CWE-362
Race Condition
|
CVE-2017-18203
|
2024-11-21 12:19 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250806
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free)…
|
CWE-416
Use After Free
|
CVE-2017-18202
|
2024-11-21 12:19 |
2018-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250807
|
5.3 |
MEDIUM
Network
|
concretecms
|
concrete_cms
|
An issue was discovered in tools/conversations/view_ajax.php in Concrete5 before 8.3.0. An unauthenticated user can enumerate comments from all blog posts by POSTing requests to /index.php/tools/requ…
|
NVD-CWE-noinfo
|
CVE-2017-18195
|
2024-11-21 12:19 |
2018-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250808
|
9.8 |
CRITICAL
Network
|
gnu
|
libcdio
|
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.
|
CWE-415
Double Free
|
CVE-2017-18201
|
2024-11-21 12:19 |
2018-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250809
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The f2fs implementation in the Linux kernel before 4.14 mishandles reference counts associated with f2fs_wait_discard_bios calls, which allows local users to cause a denial of service (BUG), as demon…
|
CWE-20
Improper Input Validation
|
CVE-2017-18200
|
2024-11-21 12:19 |
2018-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250810
|
6.5 |
MEDIUM
Network
|
gnu
|
libcdio
|
realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18199
|
2024-11-21 12:19 |
2018-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
