|
250491
|
7.2 |
HIGH
Network
|
genixcms
|
genixcms
|
SQL injection vulnerability in inc/lib/Control/Backend/posts.control.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter to gxadmin…
|
CWE-89
SQL Injection
|
CVE-2017-5346
|
2024-11-21 12:27 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250492
|
8.8 |
HIGH
Network
|
metalgenix
|
genixcms
|
SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control.php in GeniXCMS 0.0.8 allows remote authenticated editors to execute arbitrary SQL commands via the term parameter to the default…
|
CWE-89
SQL Injection
|
CVE-2017-5345
|
2024-11-21 12:27 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250493
|
9.1 |
CRITICAL
Network
|
libimobiledevice
|
libplist
|
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) vi…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5209
|
2024-11-21 12:27 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250494
|
9.8 |
CRITICAL
Network
|
php
netapp
|
php
clustered_data_ontap
|
Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial o…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-5340
|
2024-11-21 12:27 |
2017-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250495
|
5.5 |
MEDIUM
Local
|
netop
|
remote_control
|
Stack-based buffer overflow vulnerability in Netop Remote Control versions 11.53, 12.21 and prior. The affected module in the Guest client is the "Import to Phonebook" option. When a specially design…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5216
|
2024-11-21 12:27 |
2017-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250496
|
5.5 |
MEDIUM
Local
|
samsung
|
samsung_mobile
|
Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. Th…
|
CWE-119
CWE-20
Incorrect Access of Indexable Resource ('Range Error')
Improper Input Validation
|
CVE-2017-5217
|
2024-11-21 12:27 |
2017-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250497
|
5.4 |
MEDIUM
Network
|
tenable
|
nessus
|
Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2017-5179
|
2024-11-21 12:27 |
2017-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250498
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient data validation in V8 in Google Chrome prior to 56.0.2924.76 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
CWE-20
Improper Input Validation
|
CVE-2017-5028
|
2024-11-21 12:26 |
2019-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250499
|
6.2 |
MEDIUM
Physics
|
intel
|
nuc_kit_firmware
compute_card_firmware
compute_stick_firmware
|
Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access.
|
NVD-CWE-noinfo
|
CVE-2017-3718
|
2024-11-21 12:26 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250500
|
7.8 |
HIGH
Local
|
mcafee
|
application_and_change_control
|
Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.
|
CWE-287
Improper Authentication
|
CVE-2017-3912
|
2024-11-21 12:26 |
2018-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
