|
247021
|
4.3 |
MEDIUM
Network
|
atlassian
|
confluence
|
Atlassian Confluence starting with 4.3.0 before 6.2.1 did not check if a user had permission to view a page when creating a workbox notification about new comments. An attacker who can login to Confl…
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-9505
|
2024-11-21 12:36 |
2017-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247022
|
7.8 |
HIGH
Local
|
gnuplot_project
|
gnuplot
|
An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly hav…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2017-9670
|
2024-11-21 12:36 |
2017-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247023
|
7.3 |
HIGH
Local
|
infotecs
|
vipnet_client
vipnet_coordinator
|
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorr…
|
CWE-345
CWE-354
CWE-732
Insufficient Verification of Data Authenticity
Improper Validation of Integrity Check Value
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-9606
|
2024-11-21 12:36 |
2017-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247024
|
6.1 |
MEDIUM
Network
|
epesi
|
epesi
|
Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted currency decimal-sign data.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9624
|
2024-11-21 12:36 |
2017-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247025
|
6.1 |
MEDIUM
Network
|
epesi
|
epesi
|
Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted country data.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9623
|
2024-11-21 12:36 |
2017-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247026
|
6.1 |
MEDIUM
Network
|
epesi
|
epesi
|
Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted common data.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9622
|
2024-11-21 12:36 |
2017-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247027
|
6.1 |
MEDIUM
Network
|
epesi
|
epesi
|
Cross-site scripting (XSS) vulnerability in modules/Base/Lang/Administrator/update_translation.php in EPESI in Telaxus/EPESI 1.8.2 and earlier allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9621
|
2024-11-21 12:36 |
2017-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247028
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.
|
CWE-674
Uncontrolled Recursion
|
CVE-2017-9617
|
2024-11-21 12:36 |
2017-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247029
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.
|
CWE-674
Uncontrolled Recursion
|
CVE-2017-9616
|
2024-11-21 12:36 |
2017-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247030
|
6.1 |
MEDIUM
Network
|
piwigo
|
piwigo
|
An open redirect vulnerability is present in Piwigo 2.9 and probably prior versions, allowing remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. The identificatio…
|
CWE-601
Open Redirect
|
CVE-2017-9464
|
2024-11-21 12:36 |
2017-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
