|
259561
|
7.8 |
HIGH
Local
|
mp3gain
|
mp3gain
|
A stack-based buffer overflow was discovered in copy_mp in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an out-of-bounds write, which leads to remote denial of…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-14411
|
2024-11-21 12:12 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259562
|
5.5 |
MEDIUM
Local
|
mp3gain
|
mp3gain
|
A buffer over-read was discovered in III_i_stereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14410
|
2024-11-21 12:12 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259563
|
7.8 |
HIGH
Local
|
mp3gain
|
mp3gain
|
A buffer overflow was discovered in III_dequantize_sample in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an out-of-bounds write, which leads to remote denial of …
|
CWE-787
Out-of-bounds Write
|
CVE-2017-14409
|
2024-11-21 12:12 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259564
|
5.5 |
MEDIUM
Local
|
mp3gain
|
mp3gain
|
A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of servi…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14408
|
2024-11-21 12:12 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259565
|
5.5 |
MEDIUM
Local
|
mp3gain
|
mp3gain
|
A stack-based buffer over-read was discovered in filterYule in gain_analysis.c in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14407
|
2024-11-21 12:12 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259566
|
5.5 |
MEDIUM
Local
|
mp3gain
|
mp3gain
|
A NULL pointer dereference was discovered in sync_buffer in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes a segmentation fault and application crash, which lead…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-14406
|
2024-11-21 12:12 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259567
|
7.2 |
HIGH
Network
|
eyesofnetwork
|
eyesofnetwork
|
The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote command execution via shell metacharacters in a hosts_cacti array parameter to module/admin_device/index.php.
|
CWE-78
OS Command
|
CVE-2017-14405
|
2024-11-21 12:12 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259568
|
7.5 |
HIGH
Network
|
eyesofnetwork
|
eyesofnetwork
|
The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows local file inclusion via the tool_list parameter (aka the url_tool variable) to module/tool_all/select_tool.php, as demonstrated by a tool_li…
|
CWE-200
Information Exposure
|
CVE-2017-14404
|
2024-11-21 12:12 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259569
|
9.8 |
CRITICAL
Network
|
eyesofnetwork
|
eyesofnetwork
|
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the term parameter to module/admin_group/search.php.
|
CWE-89
SQL Injection
|
CVE-2017-14403
|
2024-11-21 12:12 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259570
|
9.8 |
CRITICAL
Network
|
eyesofnetwork
|
eyesofnetwork
|
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT CREATION" section, related to lack of input v…
|
CWE-89
SQL Injection
|
CVE-2017-14402
|
2024-11-21 12:12 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
