|
248071
|
5.5 |
MEDIUM
Local
|
watchguard
|
panda_antivirus
|
PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a denial of service (BSoD) via a crafted DeviceIoControl request to \\.\PSMEMDriver.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8339
|
2024-11-21 12:33 |
2017-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248072
|
8.1 |
HIGH
Network
|
radicale
|
radicale
|
Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method.
|
CWE-362
Race Condition
|
CVE-2017-8342
|
2024-11-21 12:33 |
2017-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248073
|
6.5 |
MEDIUM
Network
|
entropymine
|
imageworsener
|
The bmpr_read_uncompressed function in imagew-bmp.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted image.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-8327
|
2024-11-21 12:33 |
2017-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248074
|
8.8 |
HIGH
Network
|
entropymine
|
imageworsener
|
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (applica…
|
CWE-682
Incorrect Calculation
|
CVE-2017-8326
|
2024-11-21 12:33 |
2017-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248075
|
8.8 |
HIGH
Network
|
entropymine
|
imageworsener
|
The iw_process_cols_to_intermediate function in imagew-main.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8325
|
2024-11-21 12:33 |
2017-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248076
|
8.8 |
HIGH
Network
|
roundcube
|
webmail
|
Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly rest…
|
CWE-269
Improper Privilege Management
|
CVE-2017-8114
|
2024-11-21 12:33 |
2017-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248077
|
7.5 |
HIGH
Network
|
xstream_project
debian
|
xstream
debian_linux
|
XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application cr…
|
CWE-20
Improper Input Validation
|
CVE-2017-7957
|
2024-11-21 12:33 |
2017-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248078
|
8.8 |
HIGH
Network
|
enalean
phpwiki_project
|
tuleap
phpwiki
|
Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the proc_open PHP function is used within PhpWiki before …
|
CWE-78
OS Command
|
CVE-2017-7981
|
2024-11-21 12:33 |
2017-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248079
|
9.8 |
CRITICAL
Network
|
paloaltonetworks
|
pan-os
|
The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempt…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2017-7945
|
2024-11-21 12:33 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248080
|
9.8 |
CRITICAL
Network
|
13thmonkey
|
udfclient
|
The UDFclient (before 0.8.8) custom strlcpy implementation has a buffer overflow. UDFclient's strlcpy is used only on systems with a C library (e.g., glibc) that lacks its own strlcpy.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8305
|
2024-11-21 12:33 |
2017-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
