|
254921
|
7.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.
|
NVD-CWE-noinfo
|
CVE-2017-17566
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254922
|
5.6 |
MEDIUM
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion …
|
CWE-20
Improper Input Validation
|
CVE-2017-17565
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254923
|
7.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference count…
|
CWE-388
7PK - Errors
|
CVE-2017-17564
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254924
|
7.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overfl…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17563
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254925
|
7.2 |
HIGH
Network
|
seacms_project
|
seacms
|
SeaCMS 6.56 allows remote authenticated administrators to execute arbitrary PHP code via a crafted token field to admin/admin_ping.php, which interacts with data/admin/ping.php.
|
NVD-CWE-noinfo
|
CVE-2017-17561
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254926
|
9.8 |
CRITICAL
Network
|
westerndigital
|
my_cloud_pr4100_firmware
|
An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is…
|
CWE-287
Improper Authentication
|
CVE-2017-17560
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254927
|
6.6 |
MEDIUM
Physics
|
linux
suse
|
linux_kernel
linux_enterprise_server
|
The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces …
|
CWE-787
Out-of-bounds Write
|
CVE-2017-17558
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254928
|
6.5 |
MEDIUM
Network
|
aubio
ffmpeg
|
aubio
ffmpeg
libswresample
|
The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of servi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-17555
|
2024-11-21 12:18 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254929
|
5.5 |
MEDIUM
Local
|
aubio
|
aubio
|
A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-17554
|
2024-11-21 12:18 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254930
|
5.3 |
MEDIUM
Network
|
changyou
|
dolphin
|
The Dolphin Browser for Android 12.0.2 suffers from an insecure parsing implementation of the Intent URI scheme. This vulnerability could allow attackers to abuse this implementation through a malici…
|
NVD-CWE-noinfo
|
CVE-2017-17553
|
2024-11-21 12:18 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
