|
256251
|
9.8 |
CRITICAL
Network
|
dreambox
|
opendreambox
|
enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the webadmin plugin for opendreambox 2.0.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the com…
|
CWE-78
OS Command
|
CVE-2017-14135
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256252
|
6.5 |
MEDIUM
Network
|
jasper_project
debian
|
jasper
debian_linux
|
JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.90…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14132
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256253
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of servi…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14130
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256254
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_u…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14129
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256255
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_b…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14128
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256256
|
9.8 |
CRITICAL
Network
|
technicolor
|
td5336_firmware
|
Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OI_Fw_v7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingA…
|
CWE-78
OS Command
|
CVE-2017-14127
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256257
|
6.1 |
MEDIUM
Network
|
xnau
|
participants_database
|
The Participants Database plugin before 1.7.5.10 for WordPress has XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14126
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256258
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_firewall_analyzer
|
Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the "Group Chat" section. Any user can upload files with any extensions. By uploading a PHP file to the serv…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2017-14123
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256259
|
9.1 |
CRITICAL
Network
|
rarlab
debian
|
unrar
debian_linux
|
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14122
|
2024-11-21 12:12 |
2017-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256260
|
5.5 |
MEDIUM
Local
|
rarlab
debian
|
unrar
debian_linux
|
The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer dereference flaw triggered by a crafted RAR archive. NOTE: this may be the same as one…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-14121
|
2024-11-21 12:12 |
2017-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
