|
247101
|
8.8 |
HIGH
Network
|
gnu
fedoraproject
|
adns
fedora
|
An issue was discovered in adns before 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug may well be exploitable as a remote code…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-9105
|
2024-11-21 12:35 |
2020-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247102
|
9.8 |
CRITICAL
Network
|
gnu
opensuse
fedoraproject
|
adns
leap
fedora
|
An issue was discovered in adns before 1.5.2. pap_mailbox822 does not properly check st from adns__findlabel_next. Without this, an uninitialised stack value can be used as the first label length. De…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9103
|
2024-11-21 12:35 |
2020-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247103
|
9.8 |
CRITICAL
Network
|
gnu
opensuse
fedoraproject
|
adns
leap
fedora
|
An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. when this is fixed, the second answer scan finds the same RRs at t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9109
|
2024-11-21 12:35 |
2020-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247104
|
7.5 |
HIGH
Network
|
gnu
fedoraproject
|
adns
fedora
|
An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with \, and adns_qf_quoteok_query was specified, qdparselabel wou…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9107
|
2024-11-21 12:35 |
2020-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247105
|
7.5 |
HIGH
Network
|
gnu
fedoraproject
|
adns
fedora
|
An issue was discovered in adns before 1.5.2. adns_rr_info mishandles a bogus *datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9106
|
2024-11-21 12:35 |
2020-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247106
|
6.5 |
MEDIUM
Network
|
cloudera
|
cloudera_manager
|
Secret data of processes managed by CM is not secured by file permissions.
|
CWE-275
Permission Issues
|
CVE-2017-9327
|
2024-11-21 12:35 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247107
|
7.5 |
HIGH
Network
|
cloudera
|
cloudera_manager
|
The keystore password for the Spark History Server may be exposed in unsecured files under the /var/run/cloudera-scm-agent directory managed by Cloudera Manager. The keystore file itself is not expos…
|
CWE-255
Credentials Management
|
CVE-2017-9326
|
2024-11-21 12:35 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247108
|
7.5 |
HIGH
Network
|
cloudera
|
cdh
|
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs.
|
CWE-285
Improper Authorization
|
CVE-2017-9325
|
2024-11-21 12:35 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247109
|
9.8 |
CRITICAL
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera Veralite 1.7.481 devices. The device has an additional OpenWRT interface in addition to the standard web interface which allows the highest privileges a user can obtai…
|
CWE-255
Credentials Management
|
CVE-2017-9385
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247110
|
5.4 |
MEDIUM
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a shell script called relay.sh which is used for creating new SSH relays for the device so that the d…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9387
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
