|
252631
|
5.9 |
MEDIUM
Network
|
irssi
debian
|
irssi
debian_linux
|
In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-15722
|
2024-11-21 12:15 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252632
|
7.5 |
HIGH
Network
|
irssi
debian
|
irssi
debian_linux
|
In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-15721
|
2024-11-21 12:15 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252633
|
7.8 |
HIGH
Local
|
xnview
|
xnview
|
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15803
|
2024-11-21 12:15 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252634
|
7.8 |
HIGH
Local
|
xnview
|
xnview
|
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15802
|
2024-11-21 12:15 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252635
|
7.8 |
HIGH
Local
|
xnview
|
xnview
|
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15801
|
2024-11-21 12:15 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252636
|
6.1 |
MEDIUM
Network
|
spip
|
spip
|
Cross-site scripting (XSS) vulnerability (stored) in SPIP before 3.1.7 allows remote attackers to inject arbitrary web script or HTML via a crafted string, as demonstrated by a PGP field, related to …
|
CWE-79
Cross-site Scripting
|
CVE-2017-15736
|
2024-11-21 12:15 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252637
|
8.8 |
HIGH
Network
|
phpmyfaq
|
phpmyfaq
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
|
CWE-352
Origin Validation Error
|
CVE-2017-15735
|
2024-11-21 12:15 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252638
|
8.8 |
HIGH
Network
|
phpmyfaq
|
phpmyfaq
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
|
CWE-352
Origin Validation Error
|
CVE-2017-15734
|
2024-11-21 12:15 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252639
|
8.8 |
HIGH
Network
|
phpmyfaq
|
phpmyfaq
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php.
|
CWE-352
Origin Validation Error
|
CVE-2017-15733
|
2024-11-21 12:15 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252640
|
8.8 |
HIGH
Network
|
phpmyfaq
|
phpmyfaq
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
|
CWE-352
Origin Validation Error
|
CVE-2017-15732
|
2024-11-21 12:15 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
