|
254851
|
5.4 |
MEDIUM
Network
|
netfortris
|
trixbox
|
trixbox 2.8.0.4 has XSS via the PATH_INFO to /maint/index.php or /user/includes/language/langChooser.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14536
|
2024-11-21 12:13 |
2018-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254852
|
8.8 |
HIGH
Network
|
netfortris
|
trixbox
|
trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php.
|
CWE-78
OS Command
|
CVE-2017-14535
|
2024-11-21 12:13 |
2018-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254853
|
6.5 |
MEDIUM
Network
|
asus
|
dsl-ac51_firmware
dsl-ac52u_firmware
dsl-ac55u_firmware
dsl-n55u_c1_firmware
dsl-n55u_d1_firmware
dsl-ac56u_firmware
dsl-n10_c1_firmware
dsl-n12u_c1_firmware
dsl-n12e_c1_firmw…
|
Multiple XML external entity (XXE) vulnerabilities in the AiCloud feature on ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, …
|
CWE-611
XXE
|
CVE-2017-14699
|
2024-11-21 12:13 |
2018-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254854
|
9.8 |
CRITICAL
Network
|
asus
|
dsl-ac51_firmware
dsl-ac52u_firmware
dsl-ac55u_firmware
dsl-n55u_c1_firmware
dsl-n55u_d1_firmware
dsl-ac56u_firmware
dsl-n10_c1_firmware
dsl-n12u_c1_firmware
dsl-n12e_c1_firmw…
|
ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U, and DSL-AC750 routers all…
|
CWE-287
Improper Authentication
|
CVE-2017-14698
|
2024-11-21 12:13 |
2018-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254855
|
8.8 |
HIGH
Network
|
atlassian
|
sourcetree
|
Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for Windows…
|
NVD-CWE-noinfo
CWE-77
Command Injection
|
CVE-2017-14593
|
2024-11-21 12:13 |
2018-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254856
|
8.8 |
HIGH
Network
|
atlassian
|
sourcetree
|
Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for macOS is …
|
NVD-CWE-noinfo
CWE-77
Command Injection
|
CVE-2017-14592
|
2024-11-21 12:13 |
2018-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254857
|
9.8 |
CRITICAL
Network
|
netiq
|
access_manager
|
In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO connector and downloading the BasicSSO connector plugins on IE11 where an attacker can execute arbitrar…
|
NVD-CWE-noinfo
|
CVE-2017-14803
|
2024-11-21 12:13 |
2018-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254858
|
6.1 |
MEDIUM
Network
|
atlassian
|
jira
jira_server
|
The printable searchrequest issue resource in Atlassian Jira before version 7.2.12 and from version 7.3.0 before 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site …
|
CWE-79
Cross-site Scripting
|
CVE-2017-14594
|
2024-11-21 12:13 |
2018-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254859
|
8.8 |
HIGH
Network
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, by calling an IPA ioctl and searching for routing/filer/hdr rule handle from ipa_idr po…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14879
|
2024-11-21 12:13 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254860
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the pp_pgc_get_config() graphics driver function, a kernel memory overwrite can pote…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14873
|
2024-11-21 12:13 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
