|
252911
|
7.5 |
HIGH
Network
|
gnu
|
libextractor
|
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted s…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-15602
|
2024-11-21 12:14 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252912
|
7.5 |
HIGH
Network
|
gnu
|
libextractor
|
In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15601
|
2024-11-21 12:14 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252913
|
7.5 |
HIGH
Network
|
gnu
|
libextractor
|
In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-15600
|
2024-11-21 12:14 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252914
|
6.5 |
MEDIUM
Network
|
3cx
|
3cx
|
In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInf…
|
CWE-22
Path Traversal
|
CVE-2017-15359
|
2024-11-21 12:14 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252915
|
6.0 |
MEDIUM
Local
|
xen
|
xen
|
An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physma…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-15596
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252916
|
8.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-15595
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252917
|
8.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotpl…
|
NVD-CWE-noinfo
|
CVE-2017-15594
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252918
|
6.5 |
MEDIUM
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-15593
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252919
|
8.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishan…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2017-15592
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252920
|
6.5 |
MEDIUM
Local
|
xen
|
xen
|
An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of…
|
CWE-20
Improper Input Validation
|
CVE-2017-15591
|
2024-11-21 12:14 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
