|
249261
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) v…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7379
|
2024-11-21 12:31 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249262
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PD…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7378
|
2024-11-21 12:31 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249263
|
7.5 |
HIGH
Network
|
tigervnc
|
tigervnc
|
In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-7396
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249264
|
6.5 |
MEDIUM
Network
|
tigervnc
|
tigervnc
|
In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-7395
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249265
|
7.5 |
HIGH
Network
|
tigervnc
|
tigervnc
|
In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), unauthenticated users can crash the server by sending long usernames.
|
CWE-20
Improper Input Validation
|
CVE-2017-7394
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249266
|
8.8 |
HIGH
Network
|
tigervnc
|
tigervnc
|
In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution.
|
CWE-415
Double Free
|
CVE-2017-7393
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249267
|
7.5 |
HIGH
Network
|
tigervnc
|
tigervnc
|
In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-7392
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249268
|
6.1 |
MEDIUM
Network
|
magmi_project
|
magmi
|
A Cross-Site Scripting (XSS) was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data (prefix) passed to the 'magmi-git-master/magmi/web/ajax_ge…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7391
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249269
|
6.1 |
MEDIUM
Network
|
socialnetwork_project
|
socialnetwork
|
A Cross-Site Scripting (XSS) was discovered in 'SocialNetwork v1.2.1'. The vulnerability exists due to insufficient filtration of user-supplied data (mail) passed to the 'SocialNetwork-andrea/app/tem…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7390
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249270
|
6.1 |
MEDIUM
Network
|
openeclass
|
openeclass
|
Multiple Cross-Site Scripting (XSS) were discovered in 'openeclass Release_3.5.4'. The vulnerabilities exist due to insufficient filtration of user-supplied data (meeting_id, user) passed to the 'ope…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7389
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
