| ID | CVSS | Severity | Attack vector | Vendor | Product | Description | CWE | CVE | Updated | Published |
|---|---|---|---|---|---|---|---|---|---|---|
| 248821 | 6.5 | MEDIUM | Network | podofo_project | podofo | The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF… | CWE-476 NULL Pointer Dereference | CVE-2017-7994 | 2024-11-21 12:33 | 2017-04-22 |
| 248822 | 6.1 | MEDIUM | Network | heartland_payment_systems | heartland-php | Heartland Payment Systems Payment Gateway PHP SDK hps/heartland-php v2.8.17 is vulnerable to a reflected XSS in examples/consumer-authentication/cruise.php via the URI, as demonstrated by the cavv pa… | CWE-79 Cross-site Scripting | CVE-2017-7992 | 2024-11-21 12:33 | 2017-04-21 |
| 248823 | 8.8 | HIGH | Network | wondercms | wondercms | WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspecified context. | CWE-352 Origin Validation Error | CVE-2017-7951 | 2024-11-21 12:33 | 2017-04-21 |
| 248824 | 8.8 | HIGH | Network | openmrs | openmrs_module_reporting | The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageRepor… | CWE-352 Origin Validation Error | CVE-2017-7990 | 2024-11-21 12:33 | 2017-04-21 |
| 248825 | 5.3 | MEDIUM | Network | watchguard | fireware | WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends… | CWE-611 XXE | CVE-2017-8056 | 2024-11-21 12:33 | 2017-04-23 |
| 248826 | 5.5 | MEDIUM | Local | libimobiledevice | libplist | Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist before 2017-04-19 allows remote attackers to cause a denial of service (heap-based buffer over-read and applic… | CWE-190 Integer Overflow or Wraparound | CVE-2017-7982 | 2024-11-21 12:33 | 2017-04-20 |
| 248827 | 9.8 | CRITICAL | Network | mor-pah.net | dmitry_deepmagic_information_gathering_tool | Stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) version 1.3a (Unix) allows attackers to cause a denial of service (application crash) or possibly have unspecified other i… | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2017-7938 | 2024-11-21 12:33 | 2017-04-20 |
| 248828 | 7.8 | HIGH | Local | linux | linux_kernel | The cookie feature in the packet action API implementation in net/sched/act_api.c in the Linux kernel 4.11.x through 4.11-rc7 mishandles the tb nlattr array, which allows local users to cause a denia… | CWE-20 Improper Input Validation | CVE-2017-7979 | 2024-11-21 12:33 | 2017-04-20 |
| 248829 | 7.5 | HIGH | Network | samsung | samsung_mobile | Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is… | CWE-200 Information Exposure | CVE-2017-7978 | 2024-11-21 12:33 | 2017-04-20 |
| 248830 | 7.1 | HIGH | Local | artifex | jbig2dec | Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a … | CWE-190 Integer Overflow or Wraparound | CVE-2017-7976 | 2024-11-21 12:33 | 2017-04-20 |