|
256041
|
7.5 |
HIGH
Network
|
digium
|
asterisk
certified_asterisk
|
An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and older, 15.1.4 and older, and 13.18-cert1 and older. A select set of SIP messages create a dialog in Asterisk. Those SIP messages must…
|
CWE-20
Improper Input Validation
|
CVE-2017-17850
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256042
|
9.8 |
CRITICAL
Network
|
getgosoft
|
getgo_download_manager
|
A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17849
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256043
|
7.5 |
HIGH
Network
|
enigmail
debian
|
enigmail
debian_linux
|
An issue was discovered in Enigmail before 1.9.9. In a variant of CVE-2017-17847, signature spoofing is possible for multipart/related messages because a signed message part can be referenced with a …
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2017-17848
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256044
|
7.5 |
HIGH
Network
|
enigmail
debian
|
enigmail
debian_linux
|
An issue was discovered in Enigmail before 1.9.9. Signature spoofing is possible because the UI does not properly distinguish between an attachment signature, and a signature that applies to the enti…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2017-17847
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256045
|
7.5 |
HIGH
Network
|
enigmail
debian
|
enigmail
debian_linux
|
An issue was discovered in Enigmail before 1.9.9. Regular expressions are exploitable for Denial of Service, because of attempts to match arbitrarily long strings, aka TBE-01-003.
|
CWE-20
Improper Input Validation
|
CVE-2017-17846
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256046
|
7.3 |
HIGH
Network
|
enigmail
debian
|
enigmail
debian_linux
|
An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs because Math.Random() is used by pretty Easy privacy (pEp), aka TBE-01-001.
|
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
|
CVE-2017-17845
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256047
|
6.5 |
MEDIUM
Network
|
enigmail
debian
|
enigmail
debian_linux
|
An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block (that the attacker cannot directly decrypt) to a victim, and relyin…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2017-17844
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256048
|
5.9 |
MEDIUM
Network
|
enigmail
debian
|
enigmail
debian_linux
|
An issue was discovered in Enigmail before 1.9.9 that allows remote attackers to trigger use of an intended public key for encryption, because incorrect regular expressions are used for extraction of…
|
NVD-CWE-noinfo
|
CVE-2017-17843
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256049
|
7.8 |
HIGH
Local
|
open-iscsi_project
|
open-iscsi
|
An issue was discovered in Open-iSCSI through 2.0.875. A local attacker can cause the iscsiuio server to abort or potentially execute code by sending messages with incorrect lengths, which (due to la…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17840
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256050
|
5.4 |
MEDIUM
Network
|
serverscheck
|
monitoring_software
|
ServersCheck Monitoring Software before 14.2.3 is prone to a cross-site scripting vulnerability as user supplied-data is not validated/sanitized when passed in the settings_SMS_ALERT_TYPE parameter, …
|
CWE-79
Cross-site Scripting
|
CVE-2017-17832
|
2024-11-21 12:18 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
