|
247341
|
5.5 |
MEDIUM
Local
|
blackwave
|
dive_assistant
|
XXE in Dive Assistant - Template Builder in Blackwave Dive Assistant - Desktop Edition 8.0 allows attackers to remotely view local files via a crafted template.xml file.
|
CWE-611
XXE
|
CVE-2017-8918
|
2024-11-21 12:34 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247342
|
5.3 |
MEDIUM
Network
|
elasticsearch
|
x-pack
x-pack_reporting
|
The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions versions prior to 2.4.6 had an impersonation vulnerability. A user with the reporting_user role cou…
|
CWE-269
Improper Privilege Management
|
CVE-2017-8446
|
2024-11-21 12:34 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247343
|
5.5 |
MEDIUM
Local
|
elastic
|
x-pack
|
An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If reloading the trust material fails the trust manager will be replaced with an instance that trusts all cert…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-8445
|
2024-11-21 12:34 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247344
|
7.8 |
HIGH
Local
|
microsoft
|
xamarin.ios
|
The Xamarin.iOS update component on systems running macOS allows an attacker to run arbitrary code as root, aka "Xamarin.iOS Elevation Of Privilege Vulnerability."
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-8665
|
2024-11-21 12:34 |
2017-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247345
|
9.8 |
CRITICAL
Network
|
microsoft
|
chakracore
|
A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8658
|
2024-11-21 12:34 |
2017-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247346
|
7.5 |
HIGH
Network
|
microsoft
|
edge
|
Microsoft Edge allows a remote code execution vulnerability due to the way it accesses objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8518
|
2024-11-21 12:34 |
2017-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247347
|
8.8 |
HIGH
Network
|
microsoft
|
windows_7
windows_server_2008
|
Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow an attacker to execute code remotely on a target system when the Windows font library fails to properly handle specially crafted embedded f…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8691
|
2024-11-21 12:34 |
2017-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247348
|
7.5 |
HIGH
Network
|
microsoft
|
edge
|
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content whe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8674
|
2024-11-21 12:34 |
2017-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247349
|
5.9 |
MEDIUM
Network
|
microsoft
|
windows_10
|
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 10 1703 allows an attacker to connect to a target system using RDP and send specially crafted requests, aka "Windows Remote Deskt…
|
NVD-CWE-noinfo
|
CVE-2017-8673
|
2024-11-21 12:34 |
2017-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247350
|
7.5 |
HIGH
Network
|
microsoft
|
edge
|
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8672
|
2024-11-21 12:34 |
2017-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
