|
248981
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain r…
|
NVD-CWE-noinfo
|
CVE-2017-7184
|
2024-11-21 12:31 |
2017-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248982
|
8.8 |
HIGH
Network
|
deluge-torrent
debian
|
deluge
debian_linux
|
CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an arbitrary program from its __init__.py file and (2) caus…
|
CWE-352
Origin Validation Error
|
CVE-2017-7178
|
2024-11-21 12:31 |
2017-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248983
|
7.5 |
HIGH
Network
|
openinfosecfoundation
|
suricata
|
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.
|
CWE-358
Improperly Implemented Security Check for Standard
|
CVE-2017-7177
|
2024-11-21 12:31 |
2017-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248984
|
9.8 |
CRITICAL
Network
|
chef_manage_project
|
chef_manage
|
The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 allows remote attackers to execute arbitrary code. This is fixed in 2.4.5.
|
NVD-CWE-noinfo
|
CVE-2017-7174
|
2024-11-21 12:31 |
2017-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248985
|
7.8 |
HIGH
Local
|
flexera
|
flexnet_manager
flexnet_manager_suite_2015
|
A vulnerability exists in FlexNet Manager Suite releases 2015 R2 SP3 and earlier (including FlexNet Manager Platform 9.2 and earlier) that affects the inventory gathering components and can be exploi…
|
CWE-269
Improper Privilege Management
|
CVE-2017-6894
|
2024-11-21 12:30 |
2023-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248986
|
9.8 |
CRITICAL
Network
|
riello-ups
|
netman_204_firmware
|
An issue was discovered in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass Python script used for authentication. When calling wrongpass, the variables $VAL0 and $VA…
|
CWE-255
Credentials Management
|
CVE-2017-6900
|
2024-11-21 12:30 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248987
|
8.8 |
HIGH
Network
|
open-xchange
|
open-xchange_appsuite
|
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
|
CWE-284
Improper Access Control
|
CVE-2017-6912
|
2024-11-21 12:30 |
2019-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248988
|
6.5 |
MEDIUM
Network
|
drupal
|
drupal
|
In Drupal 8.x prior to 8.3.7 When creating a view, you can optionally use Ajax to update the displayed data via filter parameters. The views subsystem/module did not restrict access to the Ajax endpo…
|
CWE-862
Missing Authorization
|
CVE-2017-6923
|
2024-11-21 12:30 |
2019-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248989
|
6.5 |
MEDIUM
Network
|
drupal
debian
|
drupal
debian_linux
|
In Drupal core 8.x prior to 8.3.4 and Drupal core 7.x prior to 7.56; Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visi…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2017-6922
|
2024-11-21 12:30 |
2019-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248990
|
5.9 |
MEDIUM
Network
|
drupal
|
drupal
|
In Drupal 8 prior to 8.3.4; The file REST resource does not properly validate some fields when manipulating files. A site is only affected by this if the site has the RESTful Web Services (rest) modu…
|
CWE-20
Improper Input Validation
|
CVE-2017-6921
|
2024-11-21 12:30 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
