|
257351
|
7.1 |
HIGH
Local
|
x.org
|
libxfont
|
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xser…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13722
|
2024-11-21 12:11 |
2017-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257352
|
7.1 |
HIGH
Local
|
x.org
|
libxfont
|
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of f…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13720
|
2024-11-21 12:11 |
2017-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257353
|
4.2 |
MEDIUM
Adjacent
|
symantec
|
encryption_desktop
|
A denial of service (DoS) attack in Symantec Encryption Desktop before SED 10.4.1 MP2HF1 allows remote attackers to make a particular machine or network resource unavailable to its intended users by …
|
NVD-CWE-noinfo
|
CVE-2017-13679
|
2024-11-21 12:11 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257354
|
4.2 |
MEDIUM
Adjacent
|
symantec
|
endpoint_encryption
|
A denial of service (DoS) attack in Symantec Endpoint Encryption before SEE 11.1.3HF2 allows remote attackers to make a particular machine or network resource unavailable to its intended users by tem…
|
NVD-CWE-noinfo
|
CVE-2017-13675
|
2024-11-21 12:11 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257355
|
9.9 |
CRITICAL
Network
|
lansweeper
|
lansweeper
|
XML external entity (XXE) vulnerability in the import package functionality of the deployment module in Lansweeper before 6.0.100.67 allows remote authenticated users to obtain sensitive information,…
|
CWE-611
XXE
|
CVE-2017-13706
|
2024-11-21 12:11 |
2017-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257356
|
7.8 |
HIGH
Local
|
x.org
debian
|
xorg-server
debian_linux
|
In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other proble…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-13723
|
2024-11-21 12:11 |
2017-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257357
|
4.7 |
MEDIUM
Local
|
x.org
debian
|
xorg-server
debian_linux
|
In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared mem…
|
CWE-269
Improper Privilege Management
|
CVE-2017-13721
|
2024-11-21 12:11 |
2017-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257358
|
7.5 |
HIGH
Network
|
loytec
|
lvis-3me_firmware
|
An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not sufficiently protect sensitive information from unauthorized access.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-13998
|
2024-11-21 12:11 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257359
|
8.8 |
HIGH
Network
|
loytec
|
lvis-3me_firmware
|
A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non administrative users should not ha…
|
CWE-22
Path Traversal
|
CVE-2017-13996
|
2024-11-21 12:11 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257360
|
6.1 |
MEDIUM
Network
|
loytec
|
lvis-3me_firmware
|
A Cross-site Scripting issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web interface lacks proper web request validation, which could allow XSS attacks to occur if an authenticat…
|
CWE-79
Cross-site Scripting
|
CVE-2017-13994
|
2024-11-21 12:11 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
