|
247651
|
6.1 |
MEDIUM
Network
|
telaxius
|
epesi
|
Cross-site scripting (XSS) vulnerability in modules/Base/Box/check_for_new_version.php in EPESI in Telaxus/EPESI 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a…
|
CWE-79
Cross-site Scripting
|
CVE-2017-8763
|
2024-11-21 12:34 |
2017-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247652
|
5.4 |
MEDIUM
Network
|
genixcms
|
genixcms
|
GeniXCMS 1.0.2 has XSS triggered by an authenticated user who submits a page, as demonstrated by a crafted oncut attribute in a B element.
|
CWE-79
Cross-site Scripting
|
CVE-2017-8762
|
2024-11-21 12:34 |
2017-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247653
|
6.5 |
MEDIUM
Network
|
brave
|
brave
|
Brave 0.12.4 has a Status Bar Obfuscation issue in which a redirection target is shown in a possibly unexpected way. NOTE: third parties dispute this issue because it is a behavior that might have le…
|
NVD-CWE-noinfo
|
CVE-2017-8459
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247654
|
6.5 |
MEDIUM
Network
|
brave
|
brave
|
Brave 0.12.4 has a URI Obfuscation issue in which a string such as https://safe.example.com@unsafe.example.com/ is displayed without a clear UI indication that it is not a resource on the safe.exampl…
|
CWE-74
Injection
|
CVE-2017-8458
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247655
|
7.8 |
HIGH
Local
|
foxitsoftware
|
foxit_reader
phantompdf
|
Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8455
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247656
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
phantompdf
|
Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8454
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247657
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
phantompdf
|
Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8453
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247658
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory ex…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-8421
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247659
|
7.8 |
HIGH
Local
|
lame_project
|
lame
|
LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service (stack-based buffer overflow or heap-based bu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8419
|
2024-11-21 12:34 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247660
|
3.3 |
LOW
Local
|
rubocop_project
|
rubocop
|
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2017-8418
|
2024-11-21 12:34 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
