|
247421
|
5.7 |
MEDIUM
Network
|
horde
|
horde_image
|
Denial of Service was found in Horde_Image 2.x before 2.5.0 via a crafted URL to the "Null" image driver.
|
CWE-20
Improper Input Validation
|
CVE-2017-9773
|
2024-11-21 12:36 |
2017-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247422
|
7.8 |
HIGH
Local
|
flatpak
debian
|
flatpak
debian_linux
|
In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-9780
|
2024-11-21 12:36 |
2017-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247423
|
5.5 |
MEDIUM
Local
|
gnu
|
gdb
|
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a …
|
CWE-20
CWE-770
Improper Input Validation
Allocation of Resources Without Limits or Throttling
|
CVE-2017-9778
|
2024-11-21 12:36 |
2017-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247424
|
9.8 |
CRITICAL
Network
|
websitebaker
|
websitebaker
|
install\save.php in WebsiteBaker v2.10.0 allows remote attackers to execute arbitrary PHP code via the database_username, database_host, or database_password parameter.
|
CWE-94
Code Injection
|
CVE-2017-9771
|
2024-11-21 12:36 |
2017-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247425
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function in plugins/profinet/packet…
|
CWE-674
Uncontrolled Recursion
|
CVE-2017-9766
|
2024-11-21 12:36 |
2017-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247426
|
7.5 |
HIGH
Network
|
radare
|
radare2
|
The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a denial of service (excessive stack us…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9763
|
2024-11-21 12:36 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247427
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted binary file.
|
CWE-416
Use After Free
|
CVE-2017-9762
|
2024-11-21 12:36 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247428
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9761
|
2024-11-21 12:36 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247429
|
8.8 |
HIGH
Network
|
zenbership
|
zenbership
|
SQL Injection exists in admin/index.php in Zenbership 1.0.8 via the filters array parameter, exploitable by a privileged account.
|
CWE-89
SQL Injection
|
CVE-2017-9759
|
2024-11-21 12:36 |
2017-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247430
|
8.8 |
HIGH
Network
|
ipfire
|
ipfire
|
IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF.
|
CWE-78
OS Command
|
CVE-2017-9757
|
2024-11-21 12:36 |
2017-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
