|
257001
|
8.8 |
HIGH
Network
|
gnu
debian
|
emacs
debian_linux
|
GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell…
|
NVD-CWE-noinfo
|
CVE-2017-14482
|
2024-11-21 12:12 |
2017-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257002
|
5.5 |
MEDIUM
Local
|
xen
|
xen
|
Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no …
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-14431
|
2024-11-21 12:12 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257003
|
7.5 |
HIGH
Network
|
dlink
|
dir-850l_firmware
|
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allow remote attackers to cause a denial of service (daemon crash) via craft…
|
CWE-20
Improper Input Validation
|
CVE-2017-14430
|
2024-11-21 12:12 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257004
|
9.8 |
CRITICAL
Network
|
dlink
|
dir-850l_firmware
|
The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allows unauthenticated remote code execution as root beca…
|
CWE-78
OS Command
|
CVE-2017-14429
|
2024-11-21 12:12 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257005
|
7.8 |
HIGH
Local
|
dlink
|
dir-850l_firmware
|
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/run/hostapd* permissions.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-14428
|
2024-11-21 12:12 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257006
|
7.8 |
HIGH
Local
|
dlink
|
dir-850l_firmware
|
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/run/storage_account_root permissions.
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-14427
|
2024-11-21 12:12 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257007
|
7.8 |
HIGH
Local
|
dlink
|
dir-850l_firmware
|
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0644 /var/etc/shadow (aka the /etc/shadow symlink target) permissions.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-14426
|
2024-11-21 12:12 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257008
|
7.8 |
HIGH
Local
|
dlink
|
dir-850l_firmware
|
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/etc/hnapasswd permissions.
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-14425
|
2024-11-21 12:12 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257009
|
7.8 |
HIGH
Local
|
dlink
|
dir-850l_firmware
|
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/passwd permissions.
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-14424
|
2024-11-21 12:12 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257010
|
7.5 |
HIGH
Network
|
dlink
|
dir-850l_firmware
|
htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) devices does not prevent unauthenticated nonce-guessing attacks, which makes it easier for rem…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2017-14423
|
2024-11-21 12:12 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
