|
256801
|
9.8 |
CRITICAL
Network
|
iball
|
ib-wra150n_firmware
|
An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs wi…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2017-14244
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256802
|
9.8 |
CRITICAL
Network
|
utstar
|
wa3002g4_firmware
|
An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials fr…
|
CWE-287
Improper Authentication
|
CVE-2017-14243
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256803
|
6.5 |
MEDIUM
Network
|
libarchive
|
libarchive
|
libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14503
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256804
|
7.5 |
HIGH
Network
|
libarchive
|
libarchive
|
read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_rea…
|
CWE-125
CWE-193
Out-of-bounds Read
Off-by-one Error
|
CVE-2017-14502
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256805
|
6.5 |
MEDIUM
Network
|
libarchive
|
libarchive
|
An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14501
|
2024-11-21 12:12 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256806
|
8.8 |
HIGH
Network
|
newsbeuter
|
newsbeuter
|
Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code exe…
|
CWE-78
OS Command
|
CVE-2017-14500
|
2024-11-21 12:12 |
2017-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256807
|
6.1 |
MEDIUM
Network
|
silverstripe
|
silverstripe
|
SilverStripe CMS before 3.6.1 has XSS via an SVG document that is mishandled by (1) the Insert Media option in the content editor or (2) an admin/assets/add pathname, as demonstrated by the admin/pag…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14498
|
2024-11-21 12:12 |
2017-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256808
|
7.8 |
HIGH
Local
|
linux
debian
|
linux_kernel
debian_linux
|
The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and m…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14497
|
2024-11-21 12:12 |
2017-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256809
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service …
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-14340
|
2024-11-21 12:12 |
2017-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256810
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
|
CWE-20
Improper Input Validation
|
CVE-2017-14489
|
2024-11-21 12:12 |
2017-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
