|
251311
|
7.8 |
HIGH
Local
|
tenable
|
nessus
|
Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local attacker to escalate privileges when the software is running in Agent Mode. Version 6.10.4 fixes this issu…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-7199
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251312
|
8.8 |
HIGH
Network
|
cloudflare-scrape_project
|
cloudflare-scrape
|
An issue was discovered in cloudflare-scrape 1.6.6 through 1.7.1. A malicious website owner could craft a page that executes arbitrary Python code against any cfscrape user who scrapes that website. …
|
CWE-20
Improper Input Validation
|
CVE-2017-7235
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251313
|
7.8 |
HIGH
Local
|
pngdefry_project
|
pngdefry
|
pngdefry through 2017-03-22 is prone to a heap-based buffer-overflow vulnerability because it fails to properly process a specially crafted png file. This issue affects the 'process()' function of th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7231
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251314
|
9.8 |
CRITICAL
Network
|
disksorter
|
disk_sorter
|
A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7230
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251315
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a nam…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7227
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251316
|
9.1 |
CRITICAL
Network
|
gnu
|
binutils
|
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7226
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251317
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an …
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-7225
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251318
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a pr…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-7224
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251319
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7223
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251320
|
6.1 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 allows remote attackers to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by modifying 'window_title' i…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7222
|
2024-11-21 12:31 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
