|
254881
|
7.5 |
HIGH
Network
|
apache
|
qpid_broker-j
|
In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-15701
|
2024-11-21 12:15 |
2017-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254882
|
8.8 |
HIGH
Network
|
otrs
debian
|
otrs
debian_linux
|
In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x through 3.3.18, with a crafted URL it is possible to gain information like database user and password.
|
NVD-CWE-noinfo
|
CVE-2017-15864
|
2024-11-21 12:15 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254883
|
7.5 |
HIGH
Network
|
konversation
debian
|
konversation
debian_linux
|
Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x before 1.7.3 allow remote attackers to cause a denial of service (crash) via vectors related to parsing of IRC color formatting codes.
|
NVD-CWE-noinfo
|
CVE-2017-15923
|
2024-11-21 12:15 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254884
|
8.1 |
HIGH
Network
|
zetacomponents
|
mail
|
The send function in the ezcMailMtaTransport class in Zeta Components Mail before 1.8.2 does not properly restrict the set of characters used in the ezcMail returnPath property, which might allow rem…
|
CWE-94
Code Injection
|
CVE-2017-15806
|
2024-11-21 12:15 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254885
|
7.5 |
HIGH
Network
|
frrouting
|
frrouting
|
bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE…
|
CWE-200
Information Exposure
|
CVE-2017-15865
|
2024-11-21 12:15 |
2017-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254886
|
9.8 |
CRITICAL
Network
|
synology
|
carddav_server
|
An improper restriction of excessive authentication attempts vulnerability in /principals in Synology CardDAV Server before 6.0.7-0085 allows remote attackers to obtain user credentials via a brute-f…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2017-15887
|
2024-11-21 12:15 |
2017-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254887
|
7.8 |
HIGH
Local
|
hashicorp
|
vagrant
|
In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.1, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges.
|
CWE-362
Race Condition
|
CVE-2017-16001
|
2024-11-21 12:15 |
2017-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254888
|
7.8 |
HIGH
Local
|
ignitum
|
sera
|
Sera 1.2 stores the user's login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-15918
|
2024-11-21 12:15 |
2017-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254889
|
7.0 |
HIGH
Local
|
hashicorp
|
vagrant_vmware_fusion
|
In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges.
|
CWE-362
Race Condition
|
CVE-2017-15884
|
2024-11-21 12:15 |
2017-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254890
|
7.8 |
HIGH
Local
|
flexense
|
syncbreeze
|
Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. The flaw is triggered by providing a long input into the "Destina…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15950
|
2024-11-21 12:15 |
2017-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
