|
252841
|
7.5 |
HIGH
Network
|
samba
redhat
debian
canonical
|
samba
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
debian_linux
ubuntu_linux
|
Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15275
|
2024-11-21 12:14 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252842
|
8.1 |
HIGH
Network
|
teampass
|
teampass
|
TeamPass before 2.1.27.9 does not properly enforce item access control when requesting items.queries.php. It is then possible to copy any arbitrary item into a directory controlled by the attacker, e…
|
CWE-269
Improper Privilege Management
|
CVE-2017-15055
|
2024-11-21 12:14 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252843
|
7.5 |
HIGH
Network
|
teampass
|
teampass
|
An arbitrary file upload vulnerability, present in TeamPass before 2.1.27.9, allows remote authenticated users to upload arbitrary files leading to Remote Command Execution. To exploit this vulnerabi…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2017-15054
|
2024-11-21 12:14 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252844
|
4.9 |
MEDIUM
Network
|
teampass
|
teampass
|
TeamPass before 2.1.27.9 does not properly enforce manager access control when requesting roles.queries.php. It is then possible for a manager user to modify any arbitrary roles within the applicatio…
|
CWE-269
Improper Privilege Management
|
CVE-2017-15053
|
2024-11-21 12:14 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252845
|
4.9 |
MEDIUM
Network
|
teampass
|
teampass
|
TeamPass before 2.1.27.9 does not properly enforce manager access control when requesting users.queries.php. It is then possible for a manager user to delete an arbitrary user (including admin), or m…
|
CWE-269
Improper Privilege Management
|
CVE-2017-15052
|
2024-11-21 12:14 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252846
|
5.4 |
MEDIUM
Network
|
teampass
|
teampass
|
Multiple stored cross-site scripting (XSS) vulnerabilities in TeamPass before 2.1.27.9 allow authenticated remote attackers to inject arbitrary web script or HTML via the (1) URL value of an item or …
|
CWE-79
Cross-site Scripting
|
CVE-2017-15051
|
2024-11-21 12:14 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252847
|
8.1 |
HIGH
Network
|
redhat
|
openstack_platform
|
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authenticati…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-15114
|
2024-11-21 12:14 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252848
|
6.1 |
MEDIUM
Network
|
theforeman
redhat
|
foreman
satellite
satellite_capsule
|
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: (1) Facts page, when clicking on the "chart" button and hovering over the chart; (2) Trends…
|
-
|
CVE-2017-15100
|
2024-11-21 12:14 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252849
|
9.8 |
CRITICAL
Network
|
mit
|
kerberos_5
|
plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15088
|
2024-11-21 12:14 |
2017-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252850
|
3.7 |
LOW
Network
|
norton
|
install_norton_security
|
Prior to v 7.6, the Install Norton Security (INS) product can be susceptible to a certificate spoofing vulnerability, which is a type of attack whereby a maliciously procured certificate binds the pu…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-15528
|
2024-11-21 12:14 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
