|
249961
|
7.5 |
HIGH
Network
|
cerberusftp
|
ftp_server
|
In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. The attack methodology involves a long Host header and an invalid Content-Length header.
|
CWE-20
Improper Input Validation
|
CVE-2017-6367
|
2024-11-21 12:29 |
2017-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249962
|
8.8 |
HIGH
Network
|
keekoonvision
|
kk002_ip_camera_firmware
|
Keekoon KK002 devices 1.8.12 HD have a Cross Site Request Forgery Vulnerability affecting goform/formChnUserPwd and goform/formUserMng (and the entire set of other pages).
|
CWE-352
Origin Validation Error
|
CVE-2017-6180
|
2024-11-21 12:29 |
2017-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249963
|
8.8 |
HIGH
Network
|
zammad
|
zammad
|
A CSRF issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. To exploit the vulnerability, an attacker can send cross-domain requests directly to the REST API for u…
|
CWE-352
Origin Validation Error
|
CVE-2017-6081
|
2024-11-21 12:29 |
2017-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249964
|
9.8 |
CRITICAL
Network
|
zammad
|
zammad
|
An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, caused by lack of a protection mechanism involving HTTP Access-Control headers. To exploit the vulnerabilit…
|
CWE-352
Origin Validation Error
|
CVE-2017-6080
|
2024-11-21 12:29 |
2017-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249965
|
7.5 |
HIGH
Network
|
mikrotik
|
routeros
|
The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-6444
|
2024-11-21 12:29 |
2017-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249966
|
9.9 |
CRITICAL
Network
|
softaculous
|
whmcs_reseller_module
|
The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2.9.1.0 does not verify the user correctly, which allows remote authenticated users to control other virtual machines managed by V…
|
CWE-275
Permission Issues
|
CVE-2017-6513
|
2024-11-21 12:29 |
2017-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249967
|
8.1 |
HIGH
Network
|
f-secure
|
software_updater
|
F-Secure Software Updater 2.20, as distributed in several F-Secure products, downloads installation packages over plain http and does not perform file integrity validation after download. Man-in-the-…
|
CWE-20
Improper Input Validation
|
CVE-2017-6466
|
2024-11-21 12:29 |
2017-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249968
|
9.8 |
CRITICAL
Network
|
azure_dex
|
data_expert_ultimate
|
In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that se…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6506
|
2024-11-21 12:29 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249969
|
7.5 |
HIGH
Network
|
evostream
|
media_server
|
A Buffer Overflow was discovered in EvoStream Media Server 1.7.1. A crafted HTTP request with a malicious header will cause a crash. An example attack methodology may include a long message-body in a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6427
|
2024-11-21 12:29 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249970
|
5.5 |
MEDIUM
Local
|
freedesktop
|
virglrenderer
|
Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-6355
|
2024-11-21 12:29 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
