|
256651
|
4.8 |
MEDIUM
Network
|
eyesofnetwork
|
eyesofnetwork
|
A persistent (stored) XSS vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the hosts array par…
|
CWE-79
Cross-site Scripting
|
CVE-2017-15188
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256652
|
9.8 |
CRITICAL
Network
|
zyxel
|
nbg6716_firmware
|
Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call.
|
CWE-78
OS Command
|
CVE-2017-15226
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256653
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
_bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory …
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-15225
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256654
|
5.4 |
MEDIUM
Network
|
dotcms
|
dotcms
|
The dotCMS 4.1.1 application is vulnerable to Stored Cross-Site Scripting (XSS) affecting a vanity-urls Title field, a containers Description field, and a templates Description field.
|
CWE-79
Cross-site Scripting
|
CVE-2017-15219
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256655
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-15193
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256656
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have th…
|
NVD-CWE-noinfo
|
CVE-2017-15192
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256657
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2017-15191
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256658
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp.c by correcting the scope of a variable.
|
NVD-CWE-noinfo
|
CVE-2017-15190
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256659
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by adding decrements.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-15189
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256660
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-15218
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
