|
248461
|
7.5 |
HIGH
Network
|
ked_password_manager_project
|
ked_password_manager
|
kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-8296
|
2024-11-21 12:33 |
2017-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248462
|
7.5 |
HIGH
Network
|
virustotal
|
yara
|
libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_ex…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8294
|
2024-11-21 12:33 |
2017-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248463
|
9.8 |
CRITICAL
Network
|
riot_project
|
riot
|
Stack-based buffer overflow in the ipv6_addr_from_str function in sys/net/network_layer/ipv6/addr/ipv6_addr_from_str.c in RIOT prior to 2017-04-25 allows local attackers, and potentially remote attac…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8289
|
2024-11-21 12:33 |
2017-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248464
|
8.1 |
HIGH
Network
|
gnome
|
gnome-shell
|
gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen. With these extensions, a bystander could launch application…
|
CWE-20
Improper Input Validation
|
CVE-2017-8288
|
2024-11-21 12:33 |
2017-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248465
|
9.8 |
CRITICAL
Network
|
freetype
|
freetype
|
FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8287
|
2024-11-21 12:33 |
2017-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248466
|
7.0 |
HIGH
Local
|
qemu
|
qemu
|
The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain pri…
|
CWE-94
Code Injection
|
CVE-2017-8284
|
2024-11-21 12:33 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248467
|
9.8 |
CRITICAL
Network
|
debian
|
dpkg
|
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct dire…
|
CWE-22
Path Traversal
|
CVE-2017-8283
|
2024-11-21 12:33 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248468
|
9.8 |
CRITICAL
Network
|
wificam
|
wireless_ip_camera_\(p2p\)_firmware
|
On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not correctly checked. An attacker can bypass authentication by providing an empty loginuse parameter and…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-8225
|
2024-11-21 12:33 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248469
|
9.8 |
CRITICAL
Network
|
wificam
|
wireless_ip_camera_\(p2p\)_firmware
|
Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account that can be accessed with TELNET.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-8224
|
2024-11-21 12:33 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248470
|
7.5 |
HIGH
Network
|
wificam
|
wireless_ip_camera_\(p2p\)_firmware
|
On Wireless IP Camera (P2P) WIFICAM devices, an attacker can use the RTSP server on port 10554/tcp to watch the streaming without authentication via tcp/av0_1 or tcp/av0_0.
|
CWE-287
Improper Authentication
|
CVE-2017-8223
|
2024-11-21 12:33 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
