|
256501
|
9.8 |
CRITICAL
Network
|
denyall
|
web_application_firewall
i-suite
|
DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken …
|
CWE-287
Improper Authentication
|
CVE-2017-14706
|
2024-11-21 12:13 |
2017-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256502
|
8.1 |
HIGH
Network
|
denyall
|
web_application_firewall
i-suite
|
DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webser…
|
CWE-78
OS Command
|
CVE-2017-14705
|
2024-11-21 12:13 |
2017-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256503
|
7.8 |
HIGH
Local
|
irfanview
|
irfanview
|
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selecti…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14693
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256504
|
7.8 |
HIGH
Local
|
stdutility
|
stdu_viewer
|
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x000…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14692
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256505
|
7.8 |
HIGH
Local
|
stdutility
|
stdu_viewer
|
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection s…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14691
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256506
|
7.8 |
HIGH
Local
|
stdutility
|
stdu_viewer
|
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14690
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256507
|
7.8 |
HIGH
Local
|
stdutility
|
stdu_viewer
|
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used as one or more arg…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14689
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256508
|
7.8 |
HIGH
Local
|
stdutility
|
stdu_viewer
|
STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Read Access Violation starting at STDUDjVuFile!DllU…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14688
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256509
|
6.5 |
MEDIUM
Network
|
asp4cms
|
aspcms
|
member/Orderinfo.asp in ASP4CMS AspCMS 2.7.2 allows remote authenticated users to read arbitrary order information via a modified OrderNo parameter.
|
CWE-200
Information Exposure
|
CVE-2017-14653
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256510
|
9.8 |
CRITICAL
Network
|
sam2p_project
|
sam2p
|
In sam2p 0.49.3, there is an invalid read of size 2 in the parse_rgb function in in_xpm.cpp. However, this can also cause a write to an illegal address.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14637
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
