|
250201
|
8.8 |
HIGH
Network
|
google
debian
xmlsoft
|
chrome
debian_linux
libxml2
|
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a c…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-5130
|
2024-11-21 12:27 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250202
|
8.8 |
HIGH
Network
|
google
debian
|
chrome
debian_linux
|
A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2017-5129
|
2024-11-21 12:27 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250203
|
8.8 |
HIGH
Network
|
google
debian
|
chrome
debian_linux
|
Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5128
|
2024-11-21 12:27 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250204
|
8.8 |
HIGH
Network
|
google
debian
|
chrome
debian_linux
|
Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
|
CWE-416
Use After Free
|
CVE-2017-5127
|
2024-11-21 12:27 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250205
|
8.8 |
HIGH
Network
|
google
debian
|
chrome
debian_linux
|
A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
|
CWE-416
Use After Free
|
CVE-2017-5126
|
2024-11-21 12:27 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250206
|
8.8 |
HIGH
Network
|
google
debian
|
chrome
debian_linux
|
Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5125
|
2024-11-21 12:27 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250207
|
6.1 |
MEDIUM
Network
|
google
debian
|
chrome
debian_linux
|
Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.
|
CWE-79
Cross-site Scripting
|
CVE-2017-5124
|
2024-11-21 12:27 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250208
|
7.2 |
HIGH
Network
|
moxa
|
softnvr-ia_live_view
|
An Uncontrolled Search Path Element issue was discovered in Moxa SoftNVR-IA Live Viewer, Version 3.30.3122 and prior versions. An uncontrolled search path element (DLL Hijacking) vulnerability has be…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2017-5170
|
2024-11-21 12:27 |
2018-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250209
|
8.0 |
HIGH
Adjacent
|
cambiumnetworks
|
cnpilot_r190v_firmware
cnpilot_e410_firmware
cnpilot_r190n_firmware
cnpilot_e400_firmware
cnpilot_e600_firmware
|
Versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware lack CSRF controls that can mitigate the effects of CSRF attacks, which are most typically implemented as randomized per-session token…
|
CWE-352
Origin Validation Error
|
CVE-2017-5263
|
2024-11-21 12:27 |
2017-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250210
|
8.0 |
HIGH
Adjacent
|
cambiumnetworks
|
cnpilot_r190v_firmware
cnpilot_e410_firmware
cnpilot_r190n_firmware
cnpilot_e400_firmware
cnpilot_e600_firmware
|
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) community string has access to sensitive information by OID reference.
|
CWE-200
Information Exposure
|
CVE-2017-5262
|
2024-11-21 12:27 |
2017-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
