|
250411
|
7.5 |
HIGH
Network
|
pcre
|
pcre
|
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (ou…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6004
|
2024-11-21 12:28 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250412
|
7.5 |
HIGH
Network
|
sap
|
sap_kernel
|
The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a denial of service (memory consumption and process crash) via multiple msgserver/group?group= requests wit…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-5997
|
2024-11-21 12:28 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250413
|
8.2 |
HIGH
Local
|
python
|
openpyxl
|
Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document.
|
CWE-611
XXE
|
CVE-2017-5992
|
2024-11-21 12:28 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250414
|
5.5 |
MEDIUM
Local
|
artifex
|
mupdf
|
Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5896
|
2024-11-21 12:28 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250415
|
7.5 |
HIGH
Network
|
artifex
debian
|
mupdf
debian_linux
|
An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pix…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-5991
|
2024-11-21 12:28 |
2017-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250416
|
6.1 |
MEDIUM
Network
|
phreesoft
|
phreebookserp
|
An issue was discovered in PhreeBooksERP before 2017-02-13. The vulnerability exists due to insufficient filtration of user-supplied data in the "form" HTTP GET parameter passed to the "PhreeBooksERP…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5990
|
2024-11-21 12:28 |
2017-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250417
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of servi…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-5972
|
2024-11-21 12:28 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250418
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted sy…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-5970
|
2024-11-21 12:28 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250419
|
4.0 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The time subsystem in the Linux kernel through 4.9.9, when CONFIG_TIMER_STATS is enabled, allows local users to discover real PID values (as distinguished from PID values inside a PID namespace) by r…
|
CWE-200
Information Exposure
|
CVE-2017-5967
|
2024-11-21 12:28 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250420
|
6.1 |
MEDIUM
Network
|
openenergymonitor
|
emoncms
|
An issue was discovered in Emoncms through 9.8.0. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "emoncms-master/Modules/v…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5964
|
2024-11-21 12:28 |
2017-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
