|
257911
|
5.5 |
MEDIUM
Local
|
sound_exchange_project
debian
|
sound_exchange
debian_linux
|
There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an …
|
CWE-617
Reachable Assertion
|
CVE-2017-15371
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257912
|
5.5 |
MEDIUM
Local
|
sound_exchange_project
debian
|
sound_exchange
debian_linux
|
There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15370
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257913
|
7.8 |
HIGH
Local
|
artifex
|
mupdf
|
The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a de…
|
CWE-416
Use After Free
|
CVE-2017-15369
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257914
|
7.8 |
HIGH
Local
|
radare
|
radare2
|
The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) or possibly have unspecif…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-15368
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257915
|
6.1 |
MEDIUM
Network
|
osticket
|
osticket
|
osTicket 1.10.1 allows arbitrary client-side JavaScript code execution on victims who click a crafted support/scp/tickets.php?status= link, aka XSS. Session ID and data theft may follow as well as th…
|
CWE-79
Cross-site Scripting
|
CVE-2017-15362
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257916
|
7.8 |
HIGH
Local
|
cpuid
|
cpu-z
|
In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine (while CPU-Z is running) can issue an…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-15303
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257917
|
5.5 |
MEDIUM
Local
|
ccsv_project
|
ccsv
|
The foreach function in ext/ccsv.c in Ccsv 1.1.0 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact via a crafted file.
|
CWE-415
Double Free
|
CVE-2017-15364
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257918
|
7.5 |
HIGH
Network
|
luracast
|
restler
|
Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to rea…
|
CWE-22
Path Traversal
|
CVE-2017-15363
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257919
|
5.4 |
MEDIUM
Network
|
paessler
|
prtg_network_monitor
|
PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all group names created, related to incorrect error handling for an HTML encoded script.
|
CWE-79
Cross-site Scripting
|
CVE-2017-15360
|
2024-11-21 12:14 |
2017-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257920
|
5.3 |
MEDIUM
Network
|
ewbf
|
cuda_zcash_miner
|
The miner statistics HTTP API in EWBF Cuda Zcash Miner Version 0.3.4b hangs on incoming TCP connections until some sort of request is made (such as "GET / HTTP/1.1"), which allows for a Denial of Ser…
|
NVD-CWE-noinfo
|
CVE-2017-15300
|
2024-11-21 12:14 |
2017-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
