|
257041
|
7.5 |
HIGH
Network
|
keepass
|
keepass
|
The entry details view function in KeePass version 1.32 inadvertently decrypts certain database entries into memory, which may result in the disclosure of sensitive information.
|
NVD-CWE-noinfo
|
CVE-2017-1000066
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257042
|
6.1 |
MEDIUM
Network
|
openmediavault
|
openmediavault
|
Multiple Cross-site scripting (XSS) vulnerabilities in rpc.php in OpenMediaVault release 2.1 in Access Rights Management(Users) functionality allows attackers to inject arbitrary web scripts and exec…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000065
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257043
|
7.5 |
HIGH
Network
|
kitto_project
|
kitto
|
kittoframework kitto version 0.5.1 is vulnerable to memory exhaustion in the router resulting in DoS
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-1000064
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257044
|
6.1 |
MEDIUM
Network
|
kitto_project
|
kitto
|
kittoframework kitto version 0.5.1 is vulnerable to an XSS in the 404 page resulting in information disclosure
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000063
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257045
|
7.5 |
HIGH
Network
|
kitto_project
|
kitto
|
kittoframework kitto 0.5.1 is vulnerable to directory traversal in the router resulting in remote code execution
|
CWE-22
Path Traversal
|
CVE-2017-1000062
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257046
|
7.1 |
HIGH
Local
|
xmlsec_project
|
xmlsec
|
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service
|
CWE-611
XXE
|
CVE-2017-1000061
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257047
|
9.8 |
CRITICAL
Network
|
eyesofnetwork
|
eyesofnetwork
|
EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb leading to remote root
|
CWE-89
SQL Injection
|
CVE-2017-1000060
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257048
|
6.1 |
MEDIUM
Network
|
livehelperchat
|
live_helper_chat
|
Live Helper Chat version 2.06v and older is vulnerable to Cross-Site Scripting in the HTTP Header handling resulting in the execution of any user provided Javascript code in the session of other user…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000059
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257049
|
6.1 |
MEDIUM
Network
|
chevereto
|
chevereto
|
Stored XSS vulnerabilities in chevereto CMS before version 3.8.11, one in the user profile and one in the Exif data parser.
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000058
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257050
|
9.8 |
CRITICAL
Network
|
kubernetes
|
kubernetes
|
Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.
|
CWE-862
Missing Authorization
|
CVE-2017-1000056
|
2024-11-21 12:04 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
