|
264241
|
5.4 |
MEDIUM
Network
|
dolibarr
|
dolibarr_erp\/crm
|
Dolibarr version 6.0.2 contains a Cross Site Scripting (XSS) vulnerability in Product details that can result in execution of javascript code.
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000509
|
2024-11-21 12:04 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264242
|
6.1 |
MEDIUM
Network
|
invoiceplane
|
invoiceplane
|
Invoice Plane version 1.5.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Client's details that can result in execution of javascript code . This vulnerability appears to have be…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000508
|
2024-11-21 12:04 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264243
|
5.4 |
MEDIUM
Network
|
cnvs
|
canvas
|
Canvs Canvas version 3.4.2 contains a Cross Site Scripting (XSS) vulnerability in User's details that can result in denial of service and execution of javascript code.
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000507
|
2024-11-21 12:04 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264244
|
6.1 |
MEDIUM
Network
|
mautic
|
mautic
|
Mautic version 2.11.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in Company's name that can result in denial of service and execution of javascript code.
|
CWE-79
Cross-site Scripting
|
CVE-2017-1000506
|
2024-11-21 12:04 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264245
|
7.0 |
HIGH
Local
|
gnu
|
glibc
|
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1000409
|
2024-11-21 12:04 |
2018-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264246
|
7.8 |
HIGH
Local
|
gnu
|
glibc
|
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-1000408
|
2024-11-21 12:04 |
2018-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264247
|
7.5 |
HIGH
Network
|
opendaylight
|
opendaylight
openflow
|
OpenFlow Plugin and OpenDayLight Controller versions Nitrogen, Carbon, Boron, Robert Varga, Anil Vishnoi contain a flaw when multiple 'expired' flows take up the memory resource of CONFIG DATASTORE w…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2017-1000411
|
2024-11-21 12:04 |
2018-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264248
|
6.5 |
MEDIUM
Network
|
mahara
|
mahara
|
An issue was discovered in Mahara before 18.10.0. It mishandled user requests that could discontinue a user's ability to maintain their own account (changing username, changing primary email address,…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2017-1000141
|
2024-11-21 12:04 |
2018-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264249
|
8.8 |
HIGH
Network
|
jenkins
|
jenkins
|
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an issue in the Jenkins user database authentication realm: create an account if signup is enabled; or create an …
|
CWE-352
Origin Validation Error
|
CVE-2017-1000356
|
2024-11-21 12:04 |
2018-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264250
|
6.5 |
MEDIUM
Network
|
jenkins
|
jenkins
|
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-1000355
|
2024-11-21 12:04 |
2018-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
