|
248321
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_defender
forefront_endpoint_protection
security_essentials
endpoint_protection
system_center_endpoint_protection
windows_intune_endpoint_protection
exchange_server
|
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and…
|
CWE-119
CWE-369
CWE-476
CWE-674
Incorrect Access of Indexable Resource ('Range Error')
Divide By Zero
NULL Pointer Dereference
Uncontrolled Recursion
|
CVE-2017-8535
|
2024-11-21 12:34 |
2017-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248322
|
7.5 |
HIGH
Network
|
sap
|
hana_xs
|
sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to cause a denial of service (assertion failure and service crash) by pushing a package with a filename containing a $ (dollar s…
|
CWE-617
Reachable Assertion
|
CVE-2017-8915
|
2024-11-21 12:34 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248323
|
8.3 |
HIGH
Network
|
sap
|
hana_xs
|
sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to hijack npm packages or host arbitrary files by leveraging an insecure user creation policy, aka SAP Security Note 2407694.
|
NVD-CWE-noinfo
|
CVE-2017-8914
|
2024-11-21 12:34 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248324
|
8.8 |
HIGH
Network
|
sap
|
netweaver_application_server_java
|
The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/se…
|
CWE-611
XXE
|
CVE-2017-8913
|
2024-11-21 12:34 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248325
|
4.6 |
MEDIUM
Physics
|
whatsapp
|
whatsapp
|
Facebook WhatsApp Messenger before 2.16.323 for Android uses the SD card for cleartext storage of files (Audio, Documents, Images, Video, and Voice Notes) associated with a chat, even after that chat…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2017-8769
|
2024-11-21 12:34 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248326
|
9.8 |
CRITICAL
Network
|
joomla
|
joomla\!
|
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2017-8917
|
2024-11-21 12:34 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248327
|
7.8 |
HIGH
Local
|
smb4k_project
debian
|
smb4k
debian_linux
|
smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service.
|
CWE-20
Improper Input Validation
|
CVE-2017-8849
|
2024-11-21 12:34 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248328
|
7.8 |
HIGH
Local
|
kde
|
kauth
kdelibs
|
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2017-8422
|
2024-11-21 12:34 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248329
|
7.8 |
HIGH
Local
|
cgmlarson
|
vizex_reader
|
Buffer overflow in Larson VizEx Reader 9.7.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8927
|
2024-11-21 12:34 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248330
|
7.8 |
HIGH
Local
|
halliburton
|
logview_pro
|
Buffer overflow in Halliburton LogView Pro 10.0.1 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8926
|
2024-11-21 12:34 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
