|
250091
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packe…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-6214
|
2024-11-21 12:29 |
2017-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250092
|
7.5 |
HIGH
Network
|
dlink
|
websmart_dgs-1510_series_firmware
|
D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DGS-1510-28, and DGS-1510-20 Websmart devices with firmware before 1.31.B003 allow attackers to conduct Unauthenticated I…
|
CWE-200
Information Exposure
|
CVE-2017-6206
|
2024-11-21 12:29 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250093
|
9.8 |
CRITICAL
Network
|
dlink
|
websmart_dgs-1510_series_firmware
|
D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DGS-1510-28, and DGS-1510-20 Websmart devices with firmware before 1.31.B003 allow attackers to conduct Unauthenticated C…
|
NVD-CWE-noinfo
|
CVE-2017-6205
|
2024-11-21 12:29 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250094
|
9.8 |
CRITICAL
Network
|
disksavvy
|
disksavvy_enterprise
|
Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary code via a long URI in a GET request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6187
|
2024-11-21 12:29 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250095
|
5.5 |
MEDIUM
Local
|
munin-monitoring
debian
|
munin
debian_linux
|
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user.
|
CWE-20
Improper Input Validation
|
CVE-2017-6188
|
2024-11-21 12:29 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250096
|
8.8 |
HIGH
Network
|
digisol
|
dg-hr1400_firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the access portal on the DIGISOL DG-HR1400 Wireless Router with firmware 1.00.02 allow remote attackers to hijack the authentication of a…
|
CWE-352
Origin Validation Error
|
CVE-2017-6127
|
2024-11-21 12:29 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250097
|
7.2 |
HIGH
Network
|
mail-masta_project
|
mail-masta
|
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to Wordpress admin) with the POST Parame…
|
CWE-89
SQL Injection
|
CVE-2017-6098
|
2024-11-21 12:29 |
2017-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250098
|
7.2 |
HIGH
Network
|
mail-masta_project
|
mail-masta
|
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign/count_of_send.php (Requires authentication to Wordpress admin) with the PO…
|
CWE-89
SQL Injection
|
CVE-2017-6097
|
2024-11-21 12:29 |
2017-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250099
|
7.2 |
HIGH
Network
|
mail-masta_project
|
mail-masta
|
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Param…
|
CWE-89
SQL Injection
|
CVE-2017-6096
|
2024-11-21 12:29 |
2017-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250100
|
9.8 |
CRITICAL
Network
|
mail-masta_project
|
mail-masta
|
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id.
|
CWE-89
SQL Injection
|
CVE-2017-6095
|
2024-11-21 12:29 |
2017-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
