|
257031
|
9.8 |
CRITICAL
Network
|
creolabs
|
gravity
|
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the memcmp function
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1000075
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257032
|
9.8 |
CRITICAL
Network
|
creolabs
|
gravity
|
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the string_repeat() function.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1000074
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257033
|
9.8 |
CRITICAL
Network
|
jenkins
|
jenkins
|
The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. It also created a backup directory with all old secrets, and the key used to encr…
|
CWE-200
Information Exposure
|
CVE-2017-1000362
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257034
|
9.8 |
CRITICAL
Network
|
creolabs
|
gravity
|
Creolabs Gravity version 1.0 is vulnerable to a heap overflow in an undisclosed component that can result in arbitrary code execution.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1000073
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257035
|
9.8 |
CRITICAL
Network
|
creolabs
|
gravity
|
Creolabs Gravity version 1.0 is vulnerable to a Double Free in gravity_value resulting potentially leading to modification of unexpected memory locations
|
CWE-415
Double Free
|
CVE-2017-1000072
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257036
|
8.1 |
HIGH
Network
|
apereo
|
phpcas
|
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server.
|
CWE-287
Improper Authentication
|
CVE-2017-1000071
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257037
|
6.1 |
MEDIUM
Network
|
oauth2_proxy_project
|
oauth2_proxy
|
The Bitly oauth2_proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input v…
|
CWE-601
Open Redirect
|
CVE-2017-1000070
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257038
|
8.8 |
HIGH
Network
|
oauth2_proxy_project
|
oauth2_proxy
|
CSRF in Bitly oauth2_proxy 2.1 during authentication flow
|
CWE-352
Origin Validation Error
|
CVE-2017-1000069
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257039
|
7.5 |
HIGH
Network
|
betterment
|
testtrack
|
TestTrack Server versions 1.0 and earlier are vulnerable to an authentication flaw in the split disablement feature resulting in the ability to disable arbitrary running splits and cause denial of se…
|
CWE-287
Improper Authentication
|
CVE-2017-1000068
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257040
|
8.8 |
HIGH
Network
|
modx
|
revolution
|
MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalatin…
|
CWE-89
SQL Injection
|
CVE-2017-1000067
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
