|
248371
|
6.7 |
MEDIUM
Local
|
magnicomp
|
sysinfo
|
A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-…
|
CWE-20
Improper Input Validation
|
CVE-2017-6516
|
2024-11-21 12:29 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248372
|
5.5 |
MEDIUM
Local
|
graphicsmagick
|
graphicsmagick
|
The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samp…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6335
|
2024-11-21 12:29 |
2017-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248373
|
8.8 |
HIGH
Network
|
trendmicro
|
interscan_messaging_security_virtual_appliance
|
An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execute a terminal command in the context of the web server user (which is …
|
CWE-78
NVD-CWE-noinfo
OS Command
|
CVE-2017-6398
|
2024-11-21 12:29 |
2017-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248374
|
7.5 |
HIGH
Network
|
cerberusftp
|
ftp_server
|
In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. The attack methodology involves a long Host header and an invalid Content-Length header.
|
CWE-20
Improper Input Validation
|
CVE-2017-6367
|
2024-11-21 12:29 |
2017-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248375
|
8.8 |
HIGH
Network
|
keekoonvision
|
kk002_ip_camera_firmware
|
Keekoon KK002 devices 1.8.12 HD have a Cross Site Request Forgery Vulnerability affecting goform/formChnUserPwd and goform/formUserMng (and the entire set of other pages).
|
CWE-352
Origin Validation Error
|
CVE-2017-6180
|
2024-11-21 12:29 |
2017-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248376
|
8.8 |
HIGH
Network
|
zammad
|
zammad
|
A CSRF issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. To exploit the vulnerability, an attacker can send cross-domain requests directly to the REST API for u…
|
CWE-352
Origin Validation Error
|
CVE-2017-6081
|
2024-11-21 12:29 |
2017-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248377
|
9.8 |
CRITICAL
Network
|
zammad
|
zammad
|
An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, caused by lack of a protection mechanism involving HTTP Access-Control headers. To exploit the vulnerabilit…
|
CWE-352
Origin Validation Error
|
CVE-2017-6080
|
2024-11-21 12:29 |
2017-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248378
|
7.5 |
HIGH
Network
|
mikrotik
|
routeros
|
The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-6444
|
2024-11-21 12:29 |
2017-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248379
|
9.9 |
CRITICAL
Network
|
softaculous
|
whmcs_reseller_module
|
The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2.9.1.0 does not verify the user correctly, which allows remote authenticated users to control other virtual machines managed by V…
|
CWE-275
Permission Issues
|
CVE-2017-6513
|
2024-11-21 12:29 |
2017-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248380
|
8.1 |
HIGH
Network
|
f-secure
|
software_updater
|
F-Secure Software Updater 2.20, as distributed in several F-Secure products, downloads installation packages over plain http and does not perform file integrity validation after download. Man-in-the-…
|
CWE-20
Improper Input Validation
|
CVE-2017-6466
|
2024-11-21 12:29 |
2017-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
