|
246961
|
7.8 |
HIGH
Local
|
gnu
|
binutils
|
The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecif…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9743
|
2024-11-21 12:36 |
2017-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246962
|
7.8 |
HIGH
Local
|
gnu
|
binutils
|
The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9742
|
2024-11-21 12:36 |
2017-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246963
|
9.8 |
CRITICAL
Network
|
projectsend
|
projectsend
|
install/make-config.php in ProjectSend r754 allows remote attackers to execute arbitrary PHP code via the dbprefix parameter, related to replacing TABLES_PREFIX in the configuration file.
|
CWE-20
Improper Input Validation
|
CVE-2017-9741
|
2024-11-21 12:36 |
2017-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246964
|
6.1 |
MEDIUM
Network
|
cmsmadesimple
|
cms_made_simple
|
In admin\addgroup.php in CMS Made Simple 2.1.6, when adding a user group, there is no XSS filtering, resulting in storage-type XSS generation, via the description parameter in an addgroup action.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9668
|
2024-11-21 12:36 |
2017-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246965
|
9.8 |
CRITICAL
Network
|
spip
|
spip
|
SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote attacker to cause remote code execution.
|
CWE-78
OS Command
|
CVE-2017-9736
|
2024-11-21 12:36 |
2017-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246966
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and Q…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-9503
|
2024-11-21 12:36 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246967
|
7.5 |
HIGH
Network
|
eclipse
debian
oracle
|
jetty
debian_linux
retail_xstore_point_of_service
hospitality_guest_access
enterprise_manager_base_platform
rest_data_services
communications_cloud_native_core_policy
|
Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect p…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2017-9735
|
2024-11-21 12:36 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246968
|
7.5 |
HIGH
Network
|
yocto_project
|
yp_core-pyro
|
In meta/classes/package_ipk.bbclass in Poky in poky-pyro 17.0.0 for Yocto Project through YP Core - Pyro 2.3, attackers can obtain sensitive information by reading a URL in a Source entry in an ipk p…
|
CWE-200
Information Exposure
|
CVE-2017-9731
|
2024-11-21 12:36 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246969
|
7.5 |
HIGH
Network
|
uclibc
|
uclibc
|
In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) in the check_dst_limits_calc_pos_1 function in misc/regex/regexec.c when processing a crafted regular expression.
|
CWE-674
Uncontrolled Recursion
|
CVE-2017-9729
|
2024-11-21 12:36 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246970
|
9.8 |
CRITICAL
Network
|
uclibc
|
uclibc
|
In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp function in misc/regex/regexec.c when processing a crafted regular expression.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9728
|
2024-11-21 12:36 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
