|
251211
|
3.3 |
LOW
Local
|
apple
|
iphone_os
|
An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic. This issue is fixed in iOS 10.2.1. Updates for CallKit call history ar…
|
NVD-CWE-noinfo
|
CVE-2017-2375
|
2024-11-21 12:23 |
2021-12-24 |
|
251212
|
7.5 |
HIGH
Network
|
dropbear_ssh_project
|
dropbear_ssh
|
It was found that dropbear before version 2013.59 with GSSAPI leaks whether a given username is valid or invalid. When an invalid username is given, the GSSAPI authentication failure was incorrectly co…
|
CWE-287
Improper Authentication
|
CVE-2017-2659
|
2024-11-21 12:23 |
2019-03-22 |
|
251213
|
5.9 |
MEDIUM
Network
|
apple
|
iphone_os
|
In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates.
|
CWE-254
7PK - Security Features
|
CVE-2017-2411
|
2024-11-21 12:23 |
2019-01-12 |
|
251214
|
6.5 |
MEDIUM
Network
|
redhat
|
libvirt
|
A NULL pointer dereference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial o…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-2635
|
2024-11-21 12:23 |
2018-08-23 |
|
251215
|
6.5 |
MEDIUM
Network
|
libbpg_project
|
libbpg
|
A vulnerability was found while fuzzing libbpg 0.9.7. It is a NULL pointer dereference issue due to missing check of the return value of function malloc in the BPG encoder. This vulnerability appeare…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-2575
|
2024-11-21 12:23 |
2018-08-23 |
|
251216
|
8.2 |
HIGH
Local
|
redhat openstack
|
openstack tripleo-common
|
A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. …
|
CWE-22
Path Traversal
|
CVE-2017-2627
|
2024-11-21 12:23 |
2018-08-23 |
|
251217
|
4.3 |
MEDIUM
Network
|
theforeman
|
katello
|
A flaw was found in Foreman's katello plugin version 3.4.5. After setting a new role to allow restricted access on a repository with a filter (filter set on the Product Name), the filter is not respe…
|
-
|
CVE-2017-2662
|
2024-11-21 12:23 |
2018-08-23 |
|
251218
|
5.3 |
MEDIUM
Network
|
jenkins
|
email_extension
|
jenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugin is able to send emails to a dynamically created list of users based on the changelogs, li…
|
CWE-200
Information Exposure
|
CVE-2017-2654
|
2024-11-21 12:23 |
2018-08-7 |
|
251219
|
7.8 |
HIGH
Local
|
redhat
|
subscription-manager
|
It was found that subscription-manager's DBus interface before 1.19.4 let an unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. An unprivileged local a…
|
NVD-CWE-noinfo
|
CVE-2017-2663
|
2024-11-21 12:23 |
2018-07-28 |
|
251220
|
8.8 |
HIGH
Network
|
jenkins
|
distributed_fork
|
It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Ov…
|
CWE-287
Improper Authentication
|
CVE-2017-2652
|
2024-11-21 12:23 |
2018-07-28 |