|
258231
|
8.8 |
HIGH
Local
|
xen
citrix
|
xen
xenserver
|
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cau…
|
CWE-682
Incorrect Calculation
|
CVE-2017-12134
|
2024-11-21 12:08 |
2017-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258232
|
8.8 |
HIGH
Network
|
supervisord
fedoraproject
debian
redhat
|
supervisor
fedora
debian_linux
cloudforms
|
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC req…
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-11610
|
2024-11-21 12:08 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258233
|
7.8 |
HIGH
Local
|
razer
|
synapse
|
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse (1) RazerConfigNative.dll or (2) RazerConfigNati…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-11653
|
2024-11-21 12:08 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258234
|
8.4 |
HIGH
Local
|
razer
|
synapse
|
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-11652
|
2024-11-21 12:08 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258235
|
6.5 |
MEDIUM
Network
|
mindwerks
|
wildmidi
|
The _WM_SetupMidiEvent function in internal_midi.c:2122 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11664
|
2024-11-21 12:08 |
2017-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258236
|
6.5 |
MEDIUM
Network
|
mindwerks
|
wildmidi
|
The _WM_SetupMidiEvent function in internal_midi.c:2315 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11663
|
2024-11-21 12:08 |
2017-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258237
|
7.5 |
HIGH
Network
|
mindwerks
|
wildmidi
|
The _WM_ParseNewMidi function in f_midi.c in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11662
|
2024-11-21 12:08 |
2017-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258238
|
7.5 |
HIGH
Network
|
mindwerks
|
wildmidi
|
The _WM_SetupMidiEvent function in internal_midi.c:2318 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11661
|
2024-11-21 12:08 |
2017-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258239
|
8.8 |
HIGH
Local
|
hashicorp
|
vagrant_vmware_fusion
|
HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges b…
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-11741
|
2024-11-21 12:08 |
2017-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258240
|
7.3 |
HIGH
Local
|
dashlane
|
dashlane
|
Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory.
|
CWE-426
Untrusted Search Path
|
CVE-2017-11657
|
2024-11-21 12:08 |
2017-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
