|
247571
|
7.8 |
HIGH
Local
|
kde
|
kauth
kdelibs
|
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2017-8422
|
2024-11-21 12:34 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247572
|
7.8 |
HIGH
Local
|
cgmlarson
|
vizex_reader
|
Buffer overflow in Larson VizEx Reader 9.7.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8927
|
2024-11-21 12:34 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247573
|
7.8 |
HIGH
Local
|
halliburton
|
logview_pro
|
Buffer overflow in Halliburton LogView Pro 10.0.1 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8926
|
2024-11-21 12:34 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247574
|
8.8 |
HIGH
Network
|
mailcow
|
mailcow\
|
mailcow 0.14, as used in "mailcow: dockerized" and other products, has CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2017-8928
|
2024-11-21 12:34 |
2017-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247575
|
5.5 |
MEDIUM
Local
|
linux
debian
|
linux_kernel
debian_linux
|
The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2017-8925
|
2024-11-21 12:34 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247576
|
4.6 |
MEDIUM
Physics
|
linux
debian
|
linux_kernel
debian_linux
|
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uniniti…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2017-8924
|
2024-11-21 12:34 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247577
|
9.8 |
CRITICAL
Network
|
php
|
php
|
The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-8923
|
2024-11-21 12:34 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247578
|
7.5 |
HIGH
Network
|
flightgear
|
flightgear
|
In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML). …
|
CWE-22
Path Traversal
|
CVE-2017-8921
|
2024-11-21 12:34 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247579
|
7.2 |
HIGH
Network
|
cmsmadesimple
|
cms_made_simple
|
CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTa…
|
CWE-94
Code Injection
|
CVE-2017-8912
|
2024-11-21 12:34 |
2017-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247580
|
9.8 |
CRITICAL
Network
|
tnef_project
|
tnef
|
An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2017-8911
|
2024-11-21 12:34 |
2017-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
