|
252531
|
5.5 |
MEDIUM
Local
|
debian bchunk_project
|
debian_linux bchunk
|
bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15954
|
2024-11-21 12:15 |
2017-10-29 |
|
|
|
|
252532
|
5.5 |
MEDIUM
Local
|
debian bchunk_project
|
debian_linux bchunk
|
bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15953
|
2024-11-21 12:15 |
2017-10-29 |
|
|
|
|
252533
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local…
|
CWE-20
Improper Input Validation
|
CVE-2017-15951
|
2024-11-21 12:15 |
2017-10-28 |
|
|
|
|
252534
|
7.2 |
HIGH
Network
|
angry-frog
|
xavier
|
Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the log_id parameter to admin/editgroup.php.
|
CWE-89
SQL Injection
|
CVE-2017-15949
|
2024-11-21 12:15 |
2017-10-28 |
|
|
|
|
252535
|
4.8 |
MEDIUM
Network
|
edgeofmyseat
|
perch
|
Perch Content Management System 3.0.3 allows unrestricted file upload (with resultant XSS) via the Asset Title field in conjunction with the Select File field. This is exploitable with a Limited Admi…
|
CWE-79
Cross-site Scripting
|
CVE-2017-15948
|
2024-11-21 12:15 |
2017-10-28 |
|
|
|
|
252536
|
5.4 |
MEDIUM
Network
|
aspsource
|
simple_asc_content_management_system
|
Simple ASC Content Management System v1.2 has XSS in the location field in the sign function, related to guestbook.asp, formgb.asp, and msggb.asp.
|
CWE-79
Cross-site Scripting
|
CVE-2017-15947
|
2024-11-21 12:15 |
2017-10-28 |
|
|
|
|
252537
|
9.8 |
CRITICAL
Network
|
selfget
|
tag_meta
|
In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php. The request method to execute is GET.
|
CWE-89
SQL Injection
|
CVE-2017-15946
|
2024-11-21 12:15 |
2017-10-28 |
|
|
|
|
252538
|
7.8 |
HIGH
Local
|
mariadb mysql
|
mariadb mysql
|
The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writab…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-15945
|
2024-11-21 12:15 |
2017-10-28 |
|
|
|
|
252539
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a den…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-15939
|
2024-11-21 12:15 |
2017-10-28 |
|
|
|
|
252540
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15938
|
2024-11-21 12:15 |
2017-10-28 |
|
|
|