|
257871
|
5.5 |
MEDIUM
Local
|
acunetix
|
web_vulnerability_scanner
|
Reporter.exe in Acunetix 8 allows remote attackers to cause a denial of service (application crash) via a malformed PRE file, related to a "Read Access Violation starting at reporter!madTraceProcess."
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11674
|
2024-11-21 12:08 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257872
|
9.8 |
CRITICAL
Network
|
acunetix
|
web_vulnerability_scanner
|
Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed PRE file, related to a "User Mode Write AV starting at re…
|
CWE-20
Improper Input Validation
|
CVE-2017-11673
|
2024-11-21 12:08 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257873
|
4.0 |
MEDIUM
Local
|
gnu
|
gcc
|
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences…
|
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
|
CVE-2017-11671
|
2024-11-21 12:08 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257874
|
8.1 |
HIGH
Network
|
openproject
|
openproject
|
OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session expiry, which allows remote attackers to perform APIv3 requests indefinitely by leveraging a hijacked session.
|
CWE-613
Insufficient Session Expiration
|
CVE-2017-11667
|
2024-11-21 12:08 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257875
|
6.1 |
MEDIUM
Network
|
kopano
|
webapp
|
Cross-site scripting (XSS) vulnerability in js/ViewerPanel.js in the file previewer plugin in Kopano WebApp versions 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2017-11666
|
2024-11-21 12:08 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257876
|
7.5 |
HIGH
Network
|
wp-rocket
|
wp-rocket
|
In the WP Rocket plugin 2.9.3 for WordPress, the Local File Inclusion mitigation technique is to trim traversal characters (..) -- however, this is insufficient to stop remote attacks and can be bypa…
|
CWE-22
Path Traversal
|
CVE-2017-11658
|
2024-11-21 12:08 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257877
|
8.6 |
HIGH
Local
|
factorio
|
factorio
|
A sandbox escape in the Lua interface in Wube Factorio before 0.15.31 allows remote game servers or user-assisted attackers to execute arbitrary C code by including and loading a C library.
|
NVD-CWE-noinfo
|
CVE-2017-11615
|
2024-11-21 12:08 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257878
|
6.1 |
MEDIUM
Network
|
joomla
|
joomla\!
|
In Joomla! before 3.7.4, inadequate filtering of potentially malicious HTML tags leads to XSS vulnerabilities in various components.
|
CWE-79
Cross-site Scripting
|
CVE-2017-11612
|
2024-11-21 12:08 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257879
|
7.5 |
HIGH
Network
|
sipcrack_project
|
sipcrack
|
A memory leak was found in the way SIPcrack 0.2 handled processing of SIP traffic, because a lines array was mismanaged. A remote attacker could potentially use this flaw to crash long-running sipdum…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-11655
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257880
|
5.9 |
MEDIUM
Network
|
sipcrack_project
|
sipcrack
|
An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 processed SIP traffic, because 0x00 termination of a payload array was mishandled. A remote attacker could potentially use this …
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2017-11654
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
