|
252961
|
7.8 |
HIGH
Local
|
cpuid
|
cpu-z
|
In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine (while CPU-Z is running) can issue an…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-15303
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252962
|
5.5 |
MEDIUM
Local
|
ccsv_project
|
ccsv
|
The foreach function in ext/ccsv.c in Ccsv 1.1.0 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact via a crafted file.
|
CWE-415
Double Free
|
CVE-2017-15364
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252963
|
7.5 |
HIGH
Network
|
luracast
|
restler
|
Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to rea…
|
CWE-22
Path Traversal
|
CVE-2017-15363
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252964
|
5.4 |
MEDIUM
Network
|
paessler
|
prtg_network_monitor
|
PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all group names created, related to incorrect error handling for an HTML encoded script.
|
CWE-79
Cross-site Scripting
|
CVE-2017-15360
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252965
|
5.3 |
MEDIUM
Network
|
ewbf
|
cuda_zcash_miner
|
The miner statistics HTTP API in EWBF Cuda Zcash Miner Version 0.3.4b hangs on incoming TCP connections until some sort of request is made (such as "GET / HTTP/1.1"), which allows for a Denial of Ser…
|
NVD-CWE-noinfo
|
CVE-2017-15300
|
2024-11-21 12:14 |
2017-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252966
|
6.1 |
MEDIUM
Network
|
nexusphp_project
|
nexusphp
|
XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-15305
|
2024-11-21 12:14 |
2017-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252967
|
9.8 |
CRITICAL
Network
|
airtame
|
hdmi_dongle_firmware
|
/bin/login.php in the Web Panel on the Airtame HDMI dongle with firmware before 3.0 allows an attacker to set his own session id via a "Cookie: PHPSESSID=" header. This can be used to achieve persist…
|
CWE-384
Session Fixation
|
CVE-2017-15304
|
2024-11-21 12:14 |
2017-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252968
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointe…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-15299
|
2024-11-21 12:14 |
2017-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252969
|
5.5 |
MEDIUM
Local
|
git-scm
canonical
|
git
ubuntu_linux
|
Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an i…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-15298
|
2024-11-21 12:14 |
2017-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252970
|
5.9 |
MEDIUM
Network
|
infineon
|
trusted_platform_firmware
rsa_library
|
The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 13…
|
NVD-CWE-noinfo
|
CVE-2017-15361
|
2024-11-21 12:14 |
2017-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
