| 249291 | 9.8 | CRITICAL, Network | kinsey | infor-lawson | Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson (formerly ESBUS) allow remote attackers to execute arbitrary SQL commands via the (1) TABLE parameter to esbus/servlet/GetSQLData or (2) … | CWE-89: SQL Injection | CVE-2017-6550 | 2024-11-21 12:30 | 2017-03-21 |
| 249292 | 9.8 | CRITICAL, Network | cerberus | cerberus_ftp_server | Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command. | CWE-119: Incorrect Access of Indexable Resource ('Range Error') | CVE-2017-6880 | 2024-11-21 12:30 | 2017-03-18 |
| 249293 | 9.1 | CRITICAL, Network | gnu | binutils | readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak a… | CWE-125: Out-of-bounds Read | CVE-2017-6969 | 2024-11-21 12:30 | 2017-03-17 |
| 249294 | 7.3 | HIGH, Network | neutrinolabs | xrdp | xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configuration… | CWE-287: Improper Authentication | CVE-2017-6967 | 2024-11-21 12:30 | 2017-03-17 |
| 249295 | 5.5 | MEDIUM, Local | gnu | binutils | readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid s… | CWE-416: Use After Free | CVE-2017-6966 | 2024-11-21 12:30 | 2017-03-17 |
| 249296 | 5.5 | MEDIUM, Local | gnu | binutils | readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow. | CWE-119: Incorrect Access of Indexable Resource ('Range Error') | CVE-2017-6965 | 2024-11-21 12:30 | 2017-03-17 |
| 249297 | 7.5 | HIGH, Network | apng2gif_project | apng2gif | An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer overflow. This is related to the read_chunk function making an unchecked addition of 12. | CWE-190: Integer Overflow or Wraparound | CVE-2017-6962 | 2024-11-21 12:30 | 2017-03-17 |
| 249298 | 5.5 | MEDIUM, Local | apng2gif_project | apng2gif | An issue was discovered in apng2gif 1.7. There is improper sanitization of user input causing huge memory allocations, resulting in a crash. This is related to the read_chunk function using the pChun… | CWE-20: Improper Input Validation | CVE-2017-6961 | 2024-11-21 12:30 | 2017-03-17 |
| 249299 | 7.5 | HIGH, Network | apng2gif_project, debian, canonical | apng2gif, debian_linux, ubuntu_linux | An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the load_apng function and the imagesize variable. | CWE-190: Integer Overflow or Wraparound | CVE-2017-6960 | 2024-11-21 12:30 | 2017-03-17 |
| 249300 | 6.1 | MEDIUM, Network | mantisbt | source_integration | An XSS vulnerability in the MantisBT Source Integration Plugin (before 2.0.2) search result page allows an attacker to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by cr… | CWE-79: Cross-site Scripting | CVE-2017-6958 | 2024-11-21 12:30 | 2017-03-17 |