|
247611
|
7.8 |
HIGH
Local
|
wolfssl
|
wolfssl
|
wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8854
|
2024-11-21 12:34 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247612
|
7.5 |
HIGH
Network
|
fiyo
|
fiyo_cms
|
Fiyo CMS v2.0.7 has an arbitrary file delete vulnerability in dapur/apps/app_config/controller/backuper.php via directory traversal in the file parameter during an act=db action.
|
CWE-22
Path Traversal
|
CVE-2017-8853
|
2024-11-21 12:34 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247613
|
6.5 |
MEDIUM
Network
|
allen_disk_project
|
allen_disk
|
Allen Disk 1.6 has CSRF in setpass.php with an impact of changing a password.
|
CWE-352
Origin Validation Error
|
CVE-2017-8848
|
2024-11-21 12:34 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247614
|
7.5 |
HIGH
Network
|
libetpan_project
|
libetpan
|
A null dereference vulnerability has been found in the MIME handling component of LibEtPan before 1.8, as used in MailCore and MailCore 2. A crash can occur in low-level/imf/mailimf.c during a failed…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-8825
|
2024-11-21 12:34 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247615
|
5.5 |
MEDIUM
Local
|
long_range_zip_project
|
long_range_zip
|
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted arch…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-8847
|
2024-11-21 12:34 |
2017-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247616
|
5.5 |
MEDIUM
Local
|
long_range_zip_project
debian
|
long_range_zip
debian_linux
|
The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.
|
CWE-416
Use After Free
|
CVE-2017-8846
|
2024-11-21 12:34 |
2017-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247617
|
5.5 |
MEDIUM
Local
|
long_range_zip_project
|
long_range_zip
|
The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8845
|
2024-11-21 12:34 |
2017-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247618
|
7.8 |
HIGH
Local
|
long_range_zip_project
debian
|
long_range_zip
debian_linux
|
The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified oth…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8844
|
2024-11-21 12:34 |
2017-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247619
|
5.5 |
MEDIUM
Local
|
long_range_zip_project
|
long_range_zip
|
The join_pthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-8843
|
2024-11-21 12:34 |
2017-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247620
|
5.5 |
MEDIUM
Local
|
long_range_zip_project
|
long_range_zip
|
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted archive.
|
CWE-369
Divide By Zero
|
CVE-2017-8842
|
2024-11-21 12:34 |
2017-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
