|
249441
|
7.5 |
HIGH
Network
|
intel
|
quickassist_technology_engine
|
The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra side-cha…
|
NVD-CWE-noinfo
|
CVE-2017-5681
|
2024-11-21 12:28 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249442
|
7.5 |
HIGH
Network
|
syspass
|
syspass
|
An issue was discovered in sysPass 2.x before 2.1, in which an algorithm was never sufficiently reviewed by cryptographers. The fact that inc/SP/Core/Crypt.class is using the MCRYPT_RIJNDAEL_256() fu…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-5999
|
2024-11-21 12:28 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249443
|
8.0 |
HIGH
Network
|
d-link
|
di-524_firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (…
|
CWE-352
Origin Validation Error
|
CVE-2017-5633
|
2024-11-21 12:28 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249444
|
6.5 |
MEDIUM
Network
|
owncloud
|
owncloud
|
ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows remote authenticated users to cause a denial of service (server hang and logfile flooding) via a o…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-5867
|
2024-11-21 12:28 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249445
|
4.3 |
MEDIUM
Network
|
owncloud
|
owncloud
|
The autocomplete feature in the E-Mail share dialog in ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows remote authenticated users to obtain sensit…
|
CWE-200
Information Exposure
|
CVE-2017-5866
|
2024-11-21 12:28 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249446
|
3.7 |
LOW
Network
|
owncloud
|
owncloud
|
The password reset functionality in ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 sends different error messages depending on whether the username is v…
|
CWE-200
Information Exposure
|
CVE-2017-5865
|
2024-11-21 12:28 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249447
|
7.5 |
HIGH
Network
|
libimobiledevice
|
libplist
|
The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an inv…
|
CWE-415
Double Free
|
CVE-2017-5836
|
2024-11-21 12:28 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249448
|
7.5 |
HIGH
Network
|
libimobiledevice
|
libplist
|
libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-5835
|
2024-11-21 12:28 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249449
|
5.5 |
MEDIUM
Local
|
libimobiledevice
|
libplist
|
The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5834
|
2024-11-21 12:28 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249450
|
6.1 |
MEDIUM
Network
|
revive-adserver
|
revive_adserver
|
Cross-site scripting (XSS) vulnerability in the invocation code generation for interstitial zones in Revive Adserver before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via un…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5833
|
2024-11-21 12:28 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
