|
256851
|
9.8 |
CRITICAL
Network
|
rockwellautomation
|
micrologix_1400_b_firmware
|
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted…
|
NVD-CWE-noinfo
|
CVE-2017-14462
|
2024-11-21 12:12 |
2018-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256852
|
5.9 |
MEDIUM
Network
|
fortinet
|
fortiweb
|
An Improper Access Control vulnerability in Fortinet FortiWeb 5.6.0 up to but not including 6.1.0 under "Signed Security Mode", allows attacker to bypass the signed user cookie protection by removing…
|
NVD-CWE-noinfo
|
CVE-2017-14191
|
2024-11-21 12:12 |
2018-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256853
|
6.5 |
MEDIUM
Network
|
dell
|
storage_manager
|
In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMigration service is affected by a directory traversal vulnerability. A remote malicious user could potentially exploit this vulnera…
|
CWE-22
Path Traversal
|
CVE-2017-14384
|
2024-11-21 12:12 |
2018-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256854
|
7.1 |
HIGH
Network
|
dovecot
debian
ubuntu
|
dovecot
debian_linux
ubuntu
|
A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order…
|
CWE-200
CWE-125
Information Exposure
Out-of-bounds Read
|
CVE-2017-14461
|
2024-11-21 12:12 |
2018-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256855
|
7.8 |
HIGH
Local
|
apport_project
canonical
|
apport
ubuntu_linux
|
Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-14180
|
2024-11-21 12:12 |
2018-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256856
|
7.8 |
HIGH
Local
|
apport_project
canonical
|
apport
ubuntu_linux
|
Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of servi…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-14179
|
2024-11-21 12:12 |
2018-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256857
|
7.5 |
HIGH
Network
|
snapcraft
|
snapd
|
In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's acce…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2017-14178
|
2024-11-21 12:12 |
2018-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256858
|
7.8 |
HIGH
Local
|
apport_project
canonical
|
apport
ubuntu_linux
|
Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-14177
|
2024-11-21 12:12 |
2018-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256859
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortios
|
A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.7, 5.2 and earlier, allows attacker to inject arbitrary web script or HTML via maliciously crafted "Host" header …
|
CWE-79
Cross-site Scripting
|
CVE-2017-14190
|
2024-11-21 12:12 |
2018-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256860
|
7.5 |
HIGH
Network
|
wondercms
|
wondercms
|
WonderCMS 2.3.1 is vulnerable to an HTTP Host header injection attack. It uses user-entered values to redirect pages. NOTE: the vendor reports that exploitation is unlikely because the attack can onl…
|
CWE-74
Injection
|
CVE-2017-14523
|
2024-11-21 12:12 |
2018-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
