|
252181
|
6.6 |
MEDIUM
Physics
|
linux
canonical
debian
|
linux_kernel
ubuntu_linux
debian_linux
|
sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact…
|
CWE-416
Use After Free
|
CVE-2017-16527
|
2024-11-21 12:16 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252182
|
7.8 |
HIGH
Local
|
linux
canonical
debian
|
linux_kernel
ubuntu_linux
debian_linux
|
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafte…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-16526
|
2024-11-21 12:16 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252183
|
6.6 |
MEDIUM
Physics
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possi…
|
CWE-416
Use After Free
|
CVE-2017-16525
|
2024-11-21 12:16 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252184
|
9.8 |
CRITICAL
Network
|
mitrastar
|
gpt-2541gnac_firmware
dsl-100hn-t1_firmware
|
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices have a zyad1234 password for the zyad1234 account, which is equivalent to root and undocumented.
|
NVD-CWE-noinfo
|
CVE-2017-16523
|
2024-11-21 12:16 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252185
|
8.8 |
HIGH
Network
|
mitrastar
|
gpt-2541gnac_firmware
dsl-100hn-t1_firmware
|
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote authenticated users to obtain root access by specifying /bin/sh as the command to execute.
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-16522
|
2024-11-21 12:16 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252186
|
7.5 |
HIGH
Network
|
yajl-ruby_project
debian
|
yajl-ruby
debian_linux
|
In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes with a SIGABRT in the yajl_string_decode function in yajl_encode.c.…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2017-16516
|
2024-11-21 12:16 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252187
|
7.8 |
HIGH
Local
|
ipswitch
|
ws_ftp
|
Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in the local search field and the backup locations field, aka WSCLT-1729.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-16513
|
2024-11-21 12:16 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252188
|
7.8 |
HIGH
Local
|
tgsoft
|
vir.it_explorer
|
In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file (VIAGLT64.SYS) contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8273007C.
|
CWE-20
Improper Input Validation
|
CVE-2017-16237
|
2024-11-21 12:16 |
2017-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252189
|
9.8 |
CRITICAL
Network
|
wordpress
|
wordpress
|
WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a "d…
|
CWE-89
SQL Injection
|
CVE-2017-16510
|
2024-11-21 12:16 |
2017-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252190
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-16359
|
2024-11-21 12:16 |
2017-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
