|
251071
|
9.8 |
CRITICAL
Network
|
jextn
|
jextn_question_and_answer
|
The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter.
|
CWE-89
SQL Injection
|
CVE-2017-17871
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251072
|
9.8 |
CRITICAL
Network
|
jbuildozer
|
jbuildozer
|
The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the appid parameter in an entriessearch action.
|
CWE-89
SQL Injection
|
CVE-2017-17870
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251073
|
6.1 |
MEDIUM
Network
|
mgl-instagram-gallery_project
|
mgl-instagram-gallery
|
The mgl-instagram-gallery plugin for WordPress has XSS via the single-gallery.php media parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-17869
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251074
|
6.1 |
MEDIUM
Network
|
liferay
|
liferay_portal
|
In Liferay Portal 6.1.0, the tags section has XSS via a Public Render Parameter (p_r_p) value, as demonstrated by p_r_p_564233524_tag.
|
CWE-79
Cross-site Scripting
|
CVE-2017-17868
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251075
|
7.8 |
HIGH
Local
|
artifex
debian
|
mupdf
debian_linux
|
pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (b…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17866
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251076
|
3.3 |
LOW
Local
|
linux
debian
|
linux_kernel
debian_linux
|
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentia…
|
CWE-200
Information Exposure
|
CVE-2017-17864
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251077
|
7.8 |
HIGH
Local
|
linux
debian
|
linux_kernel
debian_linux
|
kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-17863
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251078
|
5.5 |
MEDIUM
Local
|
linux
debian
|
linux_kernel
debian_linux
|
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning …
|
CWE-20
Improper Input Validation
|
CVE-2017-17862
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251079
|
6.1 |
MEDIUM
Network
|
samsung
|
internet_browser
|
Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside X…
|
CWE-79
Cross-site Scripting
|
CVE-2017-17859
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251080
|
7.8 |
HIGH
Local
|
linux
debian
|
linux_kernel
debian_linux
|
The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other im…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17857
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
