|
256011
|
5.5 |
MEDIUM
Local
|
lame_project
|
lame
|
LAME 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98 and 3.97 have a stack-based buffer overflow in unpack_read_samples in frontend/get_audio.c, a different vulnerability than CVE-2017-9412.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15046
|
2024-11-21 12:14 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256012
|
8.1 |
HIGH
Network
|
suse
|
studio_onsite
susestudio-ui-server
|
An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in St…
|
CWE-89
SQL Injection
|
CVE-2017-14807
|
2024-11-21 12:13 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256013
|
5.9 |
MEDIUM
Network
|
suse
|
studio_onsite
susestudio-ui-server
|
A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages r…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-14806
|
2024-11-21 12:13 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256014
|
9.8 |
CRITICAL
Network
|
labf
|
nfsaxe
|
Buffer overflow in LabF nfsAxe FTP client 3.7 allows an attacker to execute code remotely.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14742
|
2024-11-21 12:13 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256015
|
9.8 |
CRITICAL
Network
|
dlink
|
dir-868l_firmware
dir-890l_firmware
dir-885l_firmware
dir-895l_firmware
dir-880l_firmware
dir-895r_firmware
|
Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cg…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-14948
|
2024-11-21 12:13 |
2019-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256016
|
9.8 |
CRITICAL
Network
|
orpak
|
siteomat
|
A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote code execution. The vulnerability affects all versions prior to 2017-09-25.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14854
|
2024-11-21 12:13 |
2019-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256017
|
9.8 |
CRITICAL
Network
|
orpak
|
siteomat
|
The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an atta…
|
CWE-94
Code Injection
|
CVE-2017-14853
|
2024-11-21 12:13 |
2019-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256018
|
9.8 |
CRITICAL
Network
|
orpak
|
siteomat
|
An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The attack allows for an eavesdropper to captur…
|
CWE-310
Cryptographic Issues
|
CVE-2017-14852
|
2024-11-21 12:13 |
2019-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256019
|
9.8 |
CRITICAL
Network
|
orpak
|
siteomat
|
A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. The vulnerability is in the login page, where the authentication validation process contains an insecure SELEC…
|
CWE-89
SQL Injection
|
CVE-2017-14851
|
2024-11-21 12:13 |
2019-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256020
|
6.1 |
MEDIUM
Network
|
orpak
|
siteomat
|
All known versions of the Orpak SiteOmat web management console is vulnerable to multiple instances of Stored Cross-site Scripting due to improper external user-input validation. An attacker with acc…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14850
|
2024-11-21 12:13 |
2019-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
