|
248891
|
7.5 |
HIGH
Network
|
tigervnc
|
tigervnc
|
In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), unauthenticated users can crash the server by sending long usernames.
|
CWE-20
Improper Input Validation
|
CVE-2017-7394
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248892
|
8.8 |
HIGH
Network
|
tigervnc
|
tigervnc
|
In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution.
|
CWE-415
Double Free
|
CVE-2017-7393
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248893
|
7.5 |
HIGH
Network
|
tigervnc
|
tigervnc
|
In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-7392
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248894
|
6.1 |
MEDIUM
Network
|
magmi_project
|
magmi
|
A Cross-Site Scripting (XSS) was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data (prefix) passed to the 'magmi-git-master/magmi/web/ajax_ge…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7391
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248895
|
6.1 |
MEDIUM
Network
|
socialnetwork_project
|
socialnetwork
|
A Cross-Site Scripting (XSS) was discovered in 'SocialNetwork v1.2.1'. The vulnerability exists due to insufficient filtration of user-supplied data (mail) passed to the 'SocialNetwork-andrea/app/tem…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7390
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248896
|
6.1 |
MEDIUM
Network
|
openeclass
|
openeclass
|
Multiple Cross-Site Scripting (XSS) were discovered in 'openeclass Release_3.5.4'. The vulnerabilities exist due to insufficient filtration of user-supplied data (meeting_id, user) passed to the 'ope…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7389
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248897
|
6.1 |
MEDIUM
Network
|
wallaceit
|
wallacepos
|
A Cross-Site Scripting (XSS) was discovered in 'wallacepos v1.4.1'. The vulnerability exists due to insufficient filtration of user-supplied data (token) passed to the 'wallacepos-master/myaccount/re…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7388
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248898
|
6.1 |
MEDIUM
Network
|
helpmewatchwho_project
|
helpmewatchwho
|
TheFirstQuestion/HelpMeWatchWho before 2017-03-28 is vulnerable to a reflected XSS in HelpMeWatchWho-master/unaired.php (episodeID parameter).
|
CWE-79
Cross-site Scripting
|
CVE-2017-7387
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248899
|
6.1 |
MEDIUM
Network
|
symetrie_project
|
symetrie
|
citymont/symetrie v.0.9.6 is vulnerable to a reflected XSS in symetrie-master/app/commands/page.php (model parameter).
|
CWE-79
Cross-site Scripting
|
CVE-2017-7386
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248900
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring…
|
CWE-476
CWE-416
NULL Pointer Dereference
Use After Free
|
CVE-2017-7374
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
