|
248871
|
8.8 |
HIGH
Network
|
cloudflare-scrape_project
|
cloudflare-scrape
|
An issue was discovered in cloudflare-scrape 1.6.6 through 1.7.1. A malicious website owner could craft a page that executes arbitrary Python code against any cfscrape user who scrapes that website. …
|
CWE-20
Improper Input Validation
|
CVE-2017-7235
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248872
|
7.8 |
HIGH
Local
|
pngdefry_project
|
pngdefry
|
pngdefry through 2017-03-22 is prone to a heap-based buffer-overflow vulnerability because it fails to properly process a specially crafted png file. This issue affects the 'process()' function of th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7231
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248873
|
9.8 |
CRITICAL
Network
|
disksorter
|
disk_sorter
|
A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7230
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248874
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a nam…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7227
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248875
|
9.1 |
CRITICAL
Network
|
gnu
|
binutils
|
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7226
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248876
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an …
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-7225
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248877
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a pr…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-7224
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248878
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7223
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248879
|
6.1 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 allows remote attackers to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by modifying 'window_title' i…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7222
|
2024-11-21 12:31 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248880
|
6.1 |
MEDIUM
Network
|
misp_project
|
misp
|
Cross site scripting in some view elements in the index filter tool in app/webroot/js/misp2.4.68.js and the organisation landing page in app/View/Organisations/ajax/landingpage.ctp of MISP before 2.4…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7215
|
2024-11-21 12:31 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
