|
249521
|
7.5 |
HIGH
Network
|
gstreamer_project
|
gstreamer
|
Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attacke…
|
CWE-416
Use After Free
|
CVE-2017-5843
|
2024-11-21 12:28 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249522
|
5.5 |
MEDIUM
Local
|
gstreamer_project
|
gstreamer
|
The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a cr…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-5842
|
2024-11-21 12:28 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249523
|
7.5 |
HIGH
Network
|
gstreamer_project
|
gstreamer
|
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vector…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5841
|
2024-11-21 12:28 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249524
|
7.5 |
HIGH
Network
|
gstreamer_project
|
gstreamer
|
The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors in…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5840
|
2024-11-21 12:28 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249525
|
7.5 |
HIGH
Network
|
gstreamer_project
|
gstreamer
|
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a de…
|
CWE-674
Uncontrolled Recursion
|
CVE-2017-5839
|
2024-11-21 12:28 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249526
|
7.5 |
HIGH
Network
|
gstreamer_project
|
gstreamer
|
The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datet…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5838
|
2024-11-21 12:28 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249527
|
5.5 |
MEDIUM
Local
|
gstreamer_project
|
gstreamer
|
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception…
|
CWE-369
Divide By Zero
|
CVE-2017-5837
|
2024-11-21 12:28 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249528
|
5.9 |
MEDIUM
Network
|
citrix
|
netscaler_application_delivery_controller_firmware
|
Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for rem…
|
CWE-200
Information Exposure
|
CVE-2017-5933
|
2024-11-21 12:28 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249529
|
9.8 |
CRITICAL
Network
|
pear
|
html_ajax
|
PEAR HTML_AJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression.
|
NVD-CWE-noinfo
|
CVE-2017-5677
|
2024-11-21 12:28 |
2017-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249530
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL injection that can be exploited by un-authenticated users via an HTTP GET request and which can be used to dump database data out to…
|
CWE-89
SQL Injection
|
CVE-2017-5879
|
2024-11-21 12:28 |
2017-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
