|
256711
|
5.6 |
MEDIUM
Local
|
kubernetes
|
kubernetes
|
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using a secret, configMap, projected or downwardAPI volume can trigger deletion of arbitrary…
|
NVD-CWE-noinfo
|
CVE-2017-1002102
|
2024-11-21 12:04 |
2018-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256712
|
9.6 |
CRITICAL
Network
|
kubernetes
|
kubernetes
|
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to …
|
CWE-59
Link Following
|
CVE-2017-1002101
|
2024-11-21 12:04 |
2018-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256713
|
5.4 |
MEDIUM
Network
|
croogo
|
croogo
|
Croogo version 2.3.1-17-g6f82e6c contains a Cross Site Scripting (XSS) vulnerability in Page name that can result in execution of javascript code.
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000510
|
2024-11-21 12:04 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256714
|
5.4 |
MEDIUM
Network
|
dolibarr
|
dolibarr_erp\/crm
|
Dolibarr version 6.0.2 contains a Cross Site Scripting (XSS) vulnerability in Product details that can result in execution of javascript code.
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000509
|
2024-11-21 12:04 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256715
|
6.1 |
MEDIUM
Network
|
invoiceplane
|
invoiceplane
|
Invoice Plane version 1.5.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Client's details that can result in execution of javascript code . This vulnerability appears to have be…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000508
|
2024-11-21 12:04 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256716
|
5.4 |
MEDIUM
Network
|
cnvs
|
canvas
|
Canvs Canvas version 3.4.2 contains a Cross Site Scripting (XSS) vulnerability in User's details that can result in denial of service and execution of javascript code.
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000507
|
2024-11-21 12:04 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256717
|
6.1 |
MEDIUM
Network
|
mautic
|
mautic
|
Mautic version 2.11.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in Company's name that can result in denial of service and execution of javascript code.
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000506
|
2024-11-21 12:04 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256718
|
7.0 |
HIGH
Local
|
gnu
|
glibc
|
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1000409
|
2024-11-21 12:04 |
2018-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256719
|
7.8 |
HIGH
Local
|
gnu
|
glibc
|
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-1000408
|
2024-11-21 12:04 |
2018-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256720
|
7.5 |
HIGH
Network
|
opendaylight
|
opendaylight
openflow
|
OpenFlow Plugin and OpenDayLight Controller versions Nitrogen, Carbon, Boron, Robert Varga, Anil Vishnoi contain a flaw when multiple 'expired' flows take up the memory resource of CONFIG DATASTORE w…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2017-1000411
|
2024-11-21 12:04 |
2018-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
