|
246961
|
5.5 |
MEDIUM
Local
|
audiocoding
|
freeware_advanced_audio_decoder_2
|
The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9218
|
2024-11-21 12:35 |
2017-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246962
|
6.1 |
MEDIUM
Network
|
tiki
|
tikiwiki_cms\/groupware
|
TikiFilter.php in Tiki Wiki CMS Groupware 12.x through 16.x does not properly validate the imgsize or lang parameter to prevent XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9145
|
2024-11-21 12:35 |
2017-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246963
|
6.1 |
MEDIUM
Network
|
sitecore
|
sitecore.net
|
Sitecore.NET 7.1 through 7.2 has a Cross Site Scripting Vulnerability via the searchStr parameter to the /Search-Results URI.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9356
|
2024-11-21 12:35 |
2017-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246964
|
5.5 |
MEDIUM
Local
|
freeware_advanced_audio_coder_project
|
freeware_advanced_audio_coder
|
The faacEncOpen function in libfaac/frame.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9130
|
2024-11-21 12:35 |
2017-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246965
|
5.5 |
MEDIUM
Local
|
audiocoding
|
freeware_advanced_audio_coder
|
The wav_open_read function in frontend/input.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows remote attackers to cause a denial of service (large loop) via a crafted wav file.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-9129
|
2024-11-21 12:35 |
2017-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246966
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving co…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9375
|
2024-11-21 12:35 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246967
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplug…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2017-9374
|
2024-11-21 12:35 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246968
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplug…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2017-9373
|
2024-11-21 12:35 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246969
|
7.5 |
HIGH
Network
|
citrix
|
xenmobile_server
|
XML external entity (XXE) vulnerability in Citrix XenMobile Server 9.x and 10.x before 10.5 RP3 allows attackers to obtain sensitive information via unspecified vectors.
|
CWE-611
XXE
|
CVE-2017-9231
|
2024-11-21 12:35 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246970
|
9.1 |
CRITICAL
Network
|
hoytech
|
antiweb
|
In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices through 3.30.5, EC150 devices through 1.40.0, WS200 devices through 3.30.4, EC250 devices through 1.40.0, a…
|
CWE-22
Path Traversal
|
CVE-2017-9097
|
2024-11-21 12:35 |
2017-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
