|
249691
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possi…
|
CWE-20
Improper Input Validation
|
CVE-2017-6345
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249692
|
9.8 |
CRITICAL
Network
|
vim
|
vim
|
An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file,…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-6350
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249693
|
9.8 |
CRITICAL
Network
|
vim
|
vim
|
An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, whic…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-6349
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249694
|
5.9 |
MEDIUM
Local
|
grails
|
pdf_plugin
|
XML External Entity (XXE) vulnerability in Grails PDF Plugin 0.6 allows remote attackers to read arbitrary files via a crafted XML document.
|
CWE-611
XXE
|
CVE-2017-6344
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249695
|
8.1 |
HIGH
Network
|
dahuasecurity
|
camera_firmware
nvr_firmware
smartpss_firmware
|
The web interface on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 allows remote attac…
|
CWE-287
Improper Authentication
|
CVE-2017-6343
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249696
|
5.9 |
MEDIUM
Network
|
dahuasecurity
|
camera_firmware
nvr_firmware
smartpss_firmware
|
Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 send cleartext passwords in response to …
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2017-6341
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249697
|
9.8 |
CRITICAL
Network
|
dahuasecurity
|
camera_firmware
nvr_firmware
smartpss_firmware
|
An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPS…
|
CWE-269
Improper Privilege Management
|
CVE-2017-6342
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249698
|
5.9 |
MEDIUM
Network
|
mikrotik
|
routeros
|
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2017-6297
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249699
|
7.8 |
HIGH
Local
|
tnef_project
debian
|
tnef
debian_linux
|
An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the file_add_mapi_attrs() function. These might lead to invalid read and write operations, controlled by an…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2017-6310
|
2024-11-21 12:29 |
2017-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249700
|
7.8 |
HIGH
Local
|
tnef_project
debian
|
tnef
debian_linux
|
An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker.
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2017-6309
|
2024-11-21 12:29 |
2017-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
