|
258221
|
5.4 |
MEDIUM
Network
|
wolfcms
|
wolf_cms
|
Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of the file name in a "create-file-popup" action, and the directory name in a "cr…
|
CWE-79
Cross-site Scripting
|
CVE-2017-11611
|
2024-11-21 12:08 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258222
|
5.9 |
MEDIUM
Network
|
gnu
|
glibc
|
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors rel…
|
CWE-416
Use After Free
|
CVE-2017-12133
|
2024-11-21 12:08 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258223
|
8.8 |
HIGH
Network
|
cesanta
|
mongoose_embedded_web_server_library
|
Cross-site request forgery (CSRF) vulnerability in Mongoose Web Server before 6.9 allows remote attackers to hijack the authentication of users for requests that modify Mongoose.conf via a request to…
|
CWE-352
Origin Validation Error
|
CVE-2017-11567
|
2024-11-21 12:08 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258224
|
8.2 |
HIGH
Network
|
siemens
ocpfoundation
|
simatic_pcs7
wincc
ua_.net
local_discovery_server
|
An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7…
|
CWE-611
XXE
|
CVE-2017-12069
|
2024-11-21 12:08 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258225
|
4.9 |
MEDIUM
Network
|
synology
|
router_manager
|
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) before 1.1.4-6509 allows remote authenticated attacker to exhaust the memory resourc…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-12077
|
2024-11-21 12:08 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258226
|
4.9 |
MEDIUM
Network
|
synology
|
diskstation_manager
|
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology DiskStation (DSM) before 6.1.1-15088 allows remote authenticated attacker to exhaust the memory resources…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-12076
|
2024-11-21 12:08 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258227
|
6.5 |
MEDIUM
Network
|
synology
|
dns_server
|
Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name…
|
CWE-22
Path Traversal
|
CVE-2017-12074
|
2024-11-21 12:08 |
2017-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258228
|
8.8 |
HIGH
Local
|
xen
citrix
debian
|
xen
xenserver
debian_linux
|
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-12137
|
2024-11-21 12:08 |
2017-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258229
|
7.8 |
HIGH
Local
|
xen
citrix
debian
|
xen
xenserver
debian_linux
|
Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the hos…
|
CWE-362
Race Condition
|
CVE-2017-12136
|
2024-11-21 12:08 |
2017-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258230
|
8.8 |
HIGH
Local
|
xen
citrix
debian
|
xen
xenserver
debian_linux
|
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
|
CWE-682
Incorrect Calculation
|
CVE-2017-12135
|
2024-11-21 12:08 |
2017-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
