|
248921
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for nul…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7303
|
2024-11-21 12:31 |
2017-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248922
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7302
|
2024-11-21 12:31 |
2017-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248923
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does n…
|
CWE-20
Improper Input Validation
|
CVE-2017-7301
|
2024-11-21 12:31 |
2017-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248924
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (o…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7300
|
2024-11-21 12:31 |
2017-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248925
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7299
|
2024-11-21 12:31 |
2017-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248926
|
7.5 |
HIGH
Network
|
mikrotik
|
routeros
|
A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of TCP RST packets, prevent…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-7285
|
2024-11-21 12:31 |
2017-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248927
|
5.4 |
MEDIUM
Network
|
moodle
|
moodle
|
In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element.
|
CWE-79
Cross-site Scripting
|
CVE-2017-7298
|
2024-11-21 12:31 |
2017-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248928
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trig…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2017-7294
|
2024-11-21 12:31 |
2017-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248929
|
8.8 |
HIGH
Network
|
suse
|
rancher
|
Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users disabling access control via an API call. This is fixed in versions rancher/server:v1.2.4, rancher/server:v1.3.5, rancher/serve…
|
NVD-CWE-noinfo
|
CVE-2017-7297
|
2024-11-21 12:31 |
2017-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248930
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data str…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7277
|
2024-11-21 12:31 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
