|
250401
|
7.5 |
HIGH
Network
|
samsung
|
samsung_mobile
|
Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-5351
|
2024-11-21 12:27 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250402
|
7.5 |
HIGH
Network
|
samsung
|
samsung_mobile
|
Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122.
|
NVD-CWE-noinfo
|
CVE-2017-5350
|
2024-11-21 12:27 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250403
|
7.2 |
HIGH
Network
|
metalgenix
|
genixcms
|
SQL injection vulnerability in inc/mod/newsletter/options.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the recipient parameter to gxadmin/ind…
|
CWE-89
SQL Injection
|
CVE-2017-5347
|
2024-11-21 12:27 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250404
|
7.2 |
HIGH
Network
|
genixcms
|
genixcms
|
SQL injection vulnerability in inc/lib/Control/Backend/posts.control.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter to gxadmin…
|
CWE-89
SQL Injection
|
CVE-2017-5346
|
2024-11-21 12:27 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250405
|
8.8 |
HIGH
Network
|
metalgenix
|
genixcms
|
SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control.php in GeniXCMS 0.0.8 allows remote authenticated editors to execute arbitrary SQL commands via the term parameter to the default…
|
CWE-89
SQL Injection
|
CVE-2017-5345
|
2024-11-21 12:27 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250406
|
9.1 |
CRITICAL
Network
|
libimobiledevice
|
libplist
|
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) vi…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5209
|
2024-11-21 12:27 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250407
|
9.8 |
CRITICAL
Network
|
php
netapp
|
php
clustered_data_ontap
|
Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial o…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-5340
|
2024-11-21 12:27 |
2017-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250408
|
5.5 |
MEDIUM
Local
|
netop
|
remote_control
|
Stack-based buffer overflow vulnerability in Netop Remote Control versions 11.53, 12.21 and prior. The affected module in the Guest client is the "Import to Phonebook" option. When a specially design…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5216
|
2024-11-21 12:27 |
2017-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250409
|
5.5 |
MEDIUM
Local
|
samsung
|
samsung_mobile
|
Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. Th…
|
CWE-119
CWE-20
Incorrect Access of Indexable Resource ('Range Error')
Improper Input Validation
|
CVE-2017-5217
|
2024-11-21 12:27 |
2017-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250410
|
5.4 |
MEDIUM
Network
|
tenable
|
nessus
|
Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2017-5179
|
2024-11-21 12:27 |
2017-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
