|
248991
|
7.4 |
HIGH
Network
|
drupal
|
drupal
|
In Drupal 8 prior to 8.3.7; When using the REST API, users without the correct permission can post comments via REST that are approved even if the user does not have permission to post approved comme…
|
CWE-269
Improper Privilege Management
|
CVE-2017-6924
|
2024-11-21 12:30 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248992
|
9.8 |
CRITICAL
Network
|
drupal
|
drupal
|
In versions of Drupal 8 core prior to 8.3.7; There is a vulnerability in the entity access system that could allow unwanted access to view, create, update, or delete entities. This only affects entit…
|
NVD-CWE-noinfo
|
CVE-2017-6925
|
2024-11-21 12:30 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248993
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
Cross-site scripting (XSS) vulnerability in the Open-Xchange webmail before 7.6.3-rev28 allows remote attackers to inject arbitrary web script or HTML via the event attribute in a time tag.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6913
|
2024-11-21 12:30 |
2018-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248994
|
9.8 |
CRITICAL
Network
|
drupal
|
drupal
|
Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations.
|
CWE-19
Data Processing Errors
|
CVE-2017-6920
|
2024-11-21 12:30 |
2018-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248995
|
7.5 |
HIGH
Network
|
cisco
|
emergency_responder
finesse
hosted_collaboration_mediation_fulfillment
mediasense
prime_collaboration_assurance
prime_collaboration_provisioning
prime_license_manager
socialminer…
|
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to c…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-6779
|
2024-11-21 12:30 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248996
|
5.5 |
MEDIUM
Local
|
flac_project
debian
fedoraproject
|
flac
debian_linux
fedora
|
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-6888
|
2024-11-21 12:30 |
2018-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248997
|
7.5 |
HIGH
Network
|
kaazing
tenefit
|
kaazing_gateway
kaazing_websocket_gateway
|
The HTTP and WebSocket engine components in the server in Kaazing Gateway before 4.5.3 hotfix-1, Gateway - JMS Edition before 4.0.5 hotfix-15, 4.0.6 before hotfix-4, 4.0.7, 4.0.9 before hotfix-19, 4.…
|
CWE-200
Information Exposure
|
CVE-2017-6910
|
2024-11-21 12:30 |
2018-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248998
|
8.8 |
HIGH
Network
|
apple
|
iphone_os
safari
tvos
|
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "JavaScriptCore" component. …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7005
|
2024-11-21 12:30 |
2018-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248999
|
7.0 |
HIGH
Local
|
apple
|
mac_os_x
iphone_os
|
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "Security" component. A race condition allows attackers to b…
|
CWE-362
Race Condition
|
CVE-2017-7004
|
2024-11-21 12:30 |
2018-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249000
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
iphone_os
watchos
tvos
|
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involve…
|
CWE-20
Improper Input Validation
|
CVE-2017-7003
|
2024-11-21 12:30 |
2018-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
