|
249641
|
4.8 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code through a crafted 'action' parameter. Thi…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6973
|
2024-11-21 12:30 |
2017-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249642
|
5.4 |
MEDIUM
Network
|
siemens
|
ruggedcom_rox_i
|
The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6864
|
2024-11-21 12:30 |
2017-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249643
|
7.8 |
HIGH
Local
|
canonical
debian
|
ubuntu_linux
debian_linux
|
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute cod…
|
CWE-252
Unchecked Return Value
|
CVE-2017-6964
|
2024-11-21 12:30 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249644
|
5.4 |
MEDIUM
Network
|
metinfo
|
metinfo
|
Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated users to inject arbitrary web script or HTML via the name_2 parameter to admin/column/delete.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6878
|
2024-11-21 12:30 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249645
|
8.1 |
HIGH
Network
|
broadcom
|
bcm4339_soc_firmware
|
Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC SoC chips, when the firmware supports CCKM Fast and Secure Roaming and the feature is enabled in RAM, allows remote attackers to …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6957
|
2024-11-21 12:30 |
2017-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249646
|
9.8 |
CRITICAL
Network
|
sap
|
gui_for_windows
|
SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-6950
|
2024-11-21 12:30 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249647
|
6.6 |
MEDIUM
Physics
|
usb_pratirodh_project
|
usb_pratirodh
|
USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such as username and password in simple usb.xml. An attacker with physical access to the system can modify …
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2017-6911
|
2024-11-21 12:30 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249648
|
9.8 |
CRITICAL
Network
|
usb_pratirodh_project
|
usb_pratirodh
|
USB Pratirodh allows remote attackers to conduct XML External Entity (XXE) attacks via XML data in usb.xml.
|
CWE-611
XXE
|
CVE-2017-6895
|
2024-11-21 12:30 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249649
|
9.8 |
CRITICAL
Network
|
alienvault
nfsen
|
ossim
unified_security_management
nfsen
|
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulne…
|
CWE-273
Improper Check for Dropped Privileges
|
CVE-2017-6972
|
2024-11-21 12:30 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249650
|
8.8 |
HIGH
Network
|
alienvault
nfsen
|
ossim
unified_security_management
nfsen
|
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving t…
|
CWE-74
Injection
|
CVE-2017-6971
|
2024-11-21 12:30 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
