|
247931
|
8.1 |
HIGH
Network
|
foxitsoftware
|
foxit_pdf
|
Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently …
|
CWE-295
Improper Certificate Validation
|
CVE-2017-8059
|
2024-11-21 12:33 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247932
|
5.9 |
MEDIUM
Network
|
atlassian
|
hipchat
|
Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat before 3.16.2 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent du…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-8058
|
2024-11-21 12:33 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247933
|
5.9 |
MEDIUM
Network
|
wordpress
|
wordpress
|
WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?ac…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2017-8295
|
2024-11-21 12:33 |
2017-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247934
|
3.8 |
LOW
Local
|
xen
novell
suse
|
xen
suse_linux_enterprise_point_of_sale
openstack_cloud
manager_proxy
manager
suse_linux_enterprise_server
|
Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in th…
|
CWE-200
Information Exposure
|
CVE-2017-7995
|
2024-11-21 12:33 |
2017-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247935
|
6.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-8112
|
2024-11-21 12:33 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247936
|
6.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors inv…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-8086
|
2024-11-21 12:33 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247937
|
8.8 |
HIGH
Adjacent
|
360fly
|
4k_camera_firmware
|
360fly 4K cameras allow unauthenticated Wi-Fi password changes and complete access with REST by using the Bluetooth Low Energy pairing procedure, which is available at any time and does not require a…
|
CWE-287
Improper Authentication
|
CVE-2017-8403
|
2024-11-21 12:33 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247938
|
6.5 |
MEDIUM
Network
|
swftools
|
swftools
|
In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function png_load() in lib/png.c:724. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attacke…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8401
|
2024-11-21 12:33 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247939
|
8.8 |
HIGH
Network
|
swftools
|
swftools
|
In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function png_load() in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attack…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-8400
|
2024-11-21 12:33 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247940
|
9.8 |
CRITICAL
Network
|
pcre
|
pcre2
|
PCRE2 before 10.30 has an out-of-bounds write caused by a stack-based buffer overflow in pcre2_match.c, related to a "pattern with very many captures."
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8399
|
2024-11-21 12:33 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
