|
257111
|
9.8 |
CRITICAL
Network
|
tcpdump
|
tcpdump
|
The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13689
|
2024-11-21 12:11 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257112
|
9.8 |
CRITICAL
Network
|
tcpdump
|
tcpdump
|
The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13688
|
2024-11-21 12:11 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257113
|
9.8 |
CRITICAL
Network
|
tcpdump
debian
|
tcpdump
debian_linux
|
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13687
|
2024-11-21 12:11 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257114
|
5.4 |
MEDIUM
Network
|
axesstel
|
mu553s_firmware
|
On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page.
|
CWE-79
Cross-site Scripting
|
CVE-2017-13724
|
2024-11-21 12:11 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257115
|
9.8 |
CRITICAL
Network
|
lexmark
|
scan_to_network
|
Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-13771
|
2024-11-21 12:11 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257116
|
5.4 |
MEDIUM
Network
|
wibu
|
codemeter
|
Cross-site scripting (XSS) vulnerability in the "advanced settings - time server" module in Wibu-Systems CodeMeter before 6.50b allows remote attackers to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2017-13754
|
2024-11-21 12:11 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257117
|
8.8 |
HIGH
Network
|
twsz
|
wifi_repeater_firmware
|
T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg.
|
CWE-78
OS Command
|
CVE-2017-13713
|
2024-11-21 12:11 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257118
|
7.5 |
HIGH
Network
|
qemu
debian
|
qemu
debian_linux
|
Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU (aka Quick Emulator) allows attackers to cause a denial of service (QEMU instance crash) by leveraging failure to properl…
|
CWE-416
Use After Free
|
CVE-2017-13711
|
2024-11-21 12:11 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257119
|
7.8 |
HIGH
Local
|
symantec
|
proxyclient
|
Symantec ProxyClient 3.4 for Windows is susceptible to a privilege escalation vulnerability. A malicious local Windows user can, under certain circumstances, exploit this vulnerability to escalate th…
|
NVD-CWE-noinfo
|
CVE-2017-13674
|
2024-11-21 12:11 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257120
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vector…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13672
|
2024-11-21 12:11 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
