|
256151
|
6.5 |
MEDIUM
Network
|
matroska
|
libebml2
mkclean
mkvalidator
|
The ReadData function in ebmlstring.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted mkv file.
|
CWE-416
Use After Free
|
CVE-2017-12780
|
2024-11-21 12:10 |
2017-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256152
|
6.5 |
MEDIUM
Network
|
matroska
|
mkvalidator
|
The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-12779
|
2024-11-21 12:10 |
2017-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256153
|
7.8 |
HIGH
Local
|
inpage
|
inpage
|
Special crafted InPage document leads to arbitrary code execution in InPage reader.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12824
|
2024-11-21 12:10 |
2017-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256154
|
7.5 |
HIGH
Network
|
advantech
|
webaccess
|
An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A remote attacker is able to execute code to dereference a pointer within the program cau…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-12719
|
2024-11-21 12:10 |
2017-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256155
|
8.8 |
HIGH
Network
|
gnu
debian
|
wget
debian_linux
|
The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-13090
|
2024-11-21 12:10 |
2017-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256156
|
8.8 |
HIGH
Network
|
gnu
debian
|
wget
debian_linux
|
The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to re…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-13089
|
2024-11-21 12:10 |
2017-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256157
|
7.8 |
HIGH
Local
|
advantech
|
webop
|
A Heap-Based Buffer Overflow issue was discovered in Advantech WebOP. A maliciously crafted project file may be able to trigger a heap-based buffer overflow, which may crash the process and allow an …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12705
|
2024-11-21 12:10 |
2017-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256158
|
9.8 |
CRITICAL
Network
|
openmrs
|
openmrs
|
The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema o…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-12796
|
2024-11-21 12:10 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256159
|
8.1 |
HIGH
Network
|
vip
|
vip
|
The VIP.com application for IOS and Android allows remote attackers to obtain sensitive information and hijack the authentication of users via a rogue access point and a man-in-the-middle attack.
|
CWE-200
Information Exposure
|
CVE-2017-13127
|
2024-11-21 12:10 |
2017-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256160
|
5.3 |
MEDIUM
Adjacent
|
debian
freebsd
canonical
opensuse
redhat
w1.fi
suse
|
debian_linux
freebsd
ubuntu_linux
leap
enterprise_linux_server
enterprise_linux_desktop
hostapd
wpa_supplicant
linux_enterprise_server
linux_enterprise_desktop
openstack…
|
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response fra…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2017-13088
|
2024-11-21 12:10 |
2017-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
