|
258211
|
9.8 |
CRITICAL
Network
|
pureftpd
fedoraproject
|
pure-ftpd
fedora
|
Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with defau…
|
NVD-CWE-noinfo
|
CVE-2017-12170
|
2024-11-21 12:08 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258212
|
4.4 |
MEDIUM
Local
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are …
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-12153
|
2024-11-21 12:08 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258213
|
6.0 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11 allows privileged KVM guest OS users to cause a denial of service (assertion failure and host OS crash) b…
|
-
|
CVE-2017-12168
|
2024-11-21 12:08 |
2017-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258214
|
4.3 |
MEDIUM
Network
|
moodle
|
moodle
|
In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access.
|
CWE-200
Information Exposure
|
CVE-2017-12157
|
2024-11-21 12:08 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258215
|
6.1 |
MEDIUM
Network
|
moodle
|
moodle
|
Moodle 3.x has XSS in the contact form on the "non-respondents" page in non-anonymous feedback.
|
CWE-79
Cross-site Scripting
|
CVE-2017-12156
|
2024-11-21 12:08 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258216
|
7.5 |
HIGH
Network
|
microsoft
|
edge
|
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft E…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11766
|
2024-11-21 12:08 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258217
|
7.5 |
HIGH
Network
|
microsoft
|
edge
|
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scri…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11764
|
2024-11-21 12:08 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258218
|
5.3 |
MEDIUM
Network
|
microsoft
|
exchange_server
|
Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016 allow an input sanitization issue with Microsoft Exchange that could potentially result in unintended Information Disclosure, aka "Mi…
|
CWE-200
Information Exposure
|
CVE-2017-11761
|
2024-11-21 12:08 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258219
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a sto…
|
CWE-362
Race Condition
|
CVE-2017-12146
|
2024-11-21 12:08 |
2017-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258220
|
6.5 |
MEDIUM
Network
|
synology
|
photo_station
|
Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via th…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2017-12071
|
2024-11-21 12:08 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
