|
248821
|
6.1 |
MEDIUM
Network
|
novell
netiq
|
imanager
|
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework.
|
CWE-79
Cross-site Scripting
|
CVE-2017-7430
|
2024-11-21 12:31 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248822
|
5.3 |
MEDIUM
Network
|
netiq
|
imanager
|
NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat.
|
CWE-20
Improper Input Validation
|
CVE-2017-7428
|
2024-11-21 12:31 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248823
|
9.8 |
CRITICAL
Network
|
gnulib
|
gnulib
|
Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. The error is in the save_abbr function in time_rz.c.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7476
|
2024-11-21 12:31 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248824
|
6.5 |
MEDIUM
Network
|
paloaltonetworks
|
pan-os
|
The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to obtain sensitive information via unspecified request parameters.
|
CWE-200
Information Exposure
|
CVE-2017-7216
|
2024-11-21 12:31 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248825
|
7.5 |
HIGH
Network
|
rxvt_project
debian
|
rxvt
debian_linux
|
Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the value -2^31 inside a terminal escape code, which results in a non-invertible integer that eventually leads to a segfault due to …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7483
|
2024-11-21 12:31 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248826
|
6.5 |
MEDIUM
Network
|
gfi
|
kerio_connect
kerio_connect_client
|
Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and Mac 9.2.0 through 9.2.2, when e-mail preview is enabled, allows remote attackers to conduct clickjackin…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2017-7440
|
2024-11-21 12:31 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248827
|
7.5 |
HIGH
Network
|
atlassian
|
confluence_server
|
Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass authentication and read any blog or page via the drafts diff REST resource.
|
CWE-200
Information Exposure
|
CVE-2017-7415
|
2024-11-21 12:31 |
2017-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248828
|
7.8 |
HIGH
Local
|
dolby
|
dolby_audio_x2
dolby_audio_x3
|
The Dolby DAX2 and DAX3 API services are vulnerable to a privilege escalation vulnerability that allows a normal user to get arbitrary system privileges, because these services have .NET code for DCO…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-7293
|
2024-11-21 12:31 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248829
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7477
|
2024-11-21 12:31 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248830
|
8.8 |
HIGH
Network
|
opentext
|
documentum_content_server
|
OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by levera…
|
CWE-89
SQL Injection
|
CVE-2017-7221
|
2024-11-21 12:31 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
