|
256821
|
7.5 |
HIGH
Network
|
structured-data
|
structured_data_linter
|
Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field resulting in the possibility of disclosing information about the remote host.
|
CWE-22
Path Traversal
|
CVE-2017-1000448
|
2024-11-21 12:04 |
2018-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256822
|
5.9 |
MEDIUM
Network
|
linaro
|
op-tee
|
Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable a timing attack in the Montgomery parts of libMPA in OP-TEE resulting in a compromised private RSA key.
|
CWE-200
Information Exposure
|
CVE-2017-1000413
|
2024-11-21 12:04 |
2018-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256823
|
7.5 |
HIGH
Network
|
linaro
|
op-tee
|
Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key.
|
CWE-200
Information Exposure
|
CVE-2017-1000412
|
2024-11-21 12:04 |
2018-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256824
|
6.5 |
MEDIUM
Network
|
imagemagick
debian
canonical
|
imagemagick
debian_linux
ubuntu_linux
|
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-1000445
|
2024-11-21 12:04 |
2018-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256825
|
9.8 |
CRITICAL
Network
|
openhacker_project
|
openhacker
|
Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure and remote code execution
|
CWE-89
SQL Injection
|
CVE-2017-1000444
|
2024-11-21 12:04 |
2018-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256826
|
6.1 |
MEDIUM
Network
|
openhacker_project
|
openhacker
|
Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the browser.
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000443
|
2024-11-21 12:04 |
2018-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256827
|
5.4 |
MEDIUM
Network
|
passbolt
|
passbolt_api
|
Passbolt API version 1.6.4 and older are vulnerable to a XSS in the url field on the password workspace
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000442
|
2024-11-21 12:04 |
2018-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256828
|
5.9 |
MEDIUM
Network
|
erlang
debian
|
erlang\/otp
debian_linux
|
The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's priv…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2017-1000385
|
2024-11-21 12:04 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256829
|
7.4 |
HIGH
Adjacent
|
redhat
linux
debian
canonical
|
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
virtualization_host
enterprise_linux_server_tus
enterprise_linux_server_eus
enterprise_linux_server_aus…
|
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2017-1000407
|
2024-11-21 12:04 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256830
|
7.5 |
HIGH
Network
|
linux
debian
redhat
|
linux_kernel
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_eus
virtualization_host
enterprise_linux_server_tu…
|
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of…
|
CWE-200
Information Exposure
|
CVE-2017-1000410
|
2024-11-21 12:04 |
2017-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
