|
248741
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) …
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-5987
|
2024-11-21 12:28 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248742
|
5.5 |
MEDIUM
Local
|
virglrenderer_project
|
virglrenderer
|
The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors involving vertext_bu…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5956
|
2024-11-21 12:28 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248743
|
2.7 |
LOW
Network
|
opensuse
postfixadmin_project
|
leap
postfixadmin
|
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission ch…
|
CWE-862
Missing Authorization
|
CVE-2017-5930
|
2024-11-21 12:28 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248744
|
7.8 |
HIGH
Local
|
gnu
|
screen
|
GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.
|
CWE-863
Incorrect Authorization
|
CVE-2017-5618
|
2024-11-21 12:28 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248745
|
6.6 |
MEDIUM
Physics
|
oneplus
|
oxygenos
|
An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T devices. The attacker can change the bootmode of the device by issuing the 'fastboot oem boot_mode {rf/wlan/ftm/normal} command' i…
|
CWE-269
Improper Privilege Management
|
CVE-2017-5623
|
2024-11-21 12:28 |
2017-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248746
|
6.5 |
MEDIUM
Local
|
qemu
|
qemu
|
Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2017-5857
|
2024-11-21 12:28 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248747
|
6.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via Meg…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2017-5856
|
2024-11-21 12:28 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248748
|
6.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) o…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5667
|
2024-11-21 12:28 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248749
|
7.4 |
HIGH
Network
|
apache
|
camel
|
Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2017-5643
|
2024-11-21 12:28 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248750
|
7.4 |
HIGH
Network
|
debian
kitfox
|
debian_linux
svg_salamander
|
The SVG Salamander (aka svgSalamander) library, when used in a web application, allows remote attackers to conduct server-side request forgery (SSRF) attacks via an xlink:href attribute in an SVG fil…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2017-5617
|
2024-11-21 12:28 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
