|
256851
|
6.5 |
MEDIUM
Network
|
sodiumoxide_project
|
sodiumoxide
|
sodiumoxide 0.0.13 and older scalarmult() vulnerable to degenerate public keys
|
NVD-CWE-noinfo
|
CVE-2017-1000168
|
2024-11-21 12:04 |
2017-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256852
|
9.8 |
CRITICAL
Network
|
cygnux
|
syspass
|
Cygnux sysPass version 2.1.7 and older is vulnerable to a Local File Inclusion in the functionality of javascript files inclusion. The attacker can read the configuration files that contain the login…
|
NVD-CWE-noinfo
|
CVE-2017-1000192
|
2024-11-21 12:04 |
2017-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256853
|
7.5 |
HIGH
Network
|
jool
|
jool
|
Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting in a DOS.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-1000191
|
2024-11-21 12:04 |
2017-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256854
|
9.8 |
CRITICAL
Network
|
alchemist-elixir
|
alchemist-server
|
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are the…
|
NVD-CWE-noinfo
|
CVE-2017-1000212
|
2024-11-21 12:04 |
2017-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256855
|
5.3 |
MEDIUM
Network
|
lynx_project
|
lynx
|
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.
|
CWE-416
Use After Free
|
CVE-2017-1000211
|
2024-11-21 12:04 |
2017-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256856
|
9.8 |
CRITICAL
Network
|
htslib
|
htslib
|
samtools htslib library version 1.4.0 and earlier is vulnerable to buffer overflow in the CRAM rANS codec resulting in potential arbitrary code execution
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1000206
|
2024-11-21 12:04 |
2017-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256857
|
8.8 |
HIGH
Network
|
cern
|
root
|
ROOT version 6.9.03 and below is vulnerable to an authenticated shell metacharacter injection in the rootd daemon resulting in remote code execution
|
CWE-78
OS Command
|
CVE-2017-1000203
|
2024-11-21 12:04 |
2017-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256858
|
7.8 |
HIGH
Local
|
optipng_project
debian
|
optipng
debian_linux
|
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-1000229
|
2024-11-21 12:04 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256859
|
5.3 |
MEDIUM
Network
|
fullworks
|
stop_user_enumeration
|
Stop User Enumeration 1.3.8 allows user enumeration via the REST API
|
CWE-200
Information Exposure
|
CVE-2017-1000226
|
2024-11-21 12:04 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256860
|
6.1 |
MEDIUM
Network
|
relevanssi
|
relevanssi
|
Reflected XSS in Relevanssi Premium version 1.14.8 when using relevanssi_didyoumean() could allow unauthenticated attacker to do almost anything an admin can
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000225
|
2024-11-21 12:04 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
