|
247961
|
8.1 |
HIGH
Network
|
genivia
|
gsoap
|
Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a denia…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-9765
|
2024-11-21 12:36 |
2017-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247962
|
6.1 |
MEDIUM
Network
|
metinfo
|
metinfo
|
Cross-site scripting (XSS) vulnerability in MetInfo 5.3.17 allows remote attackers to inject arbitrary web script or HTML via the Client-IP or X-Forwarded-For HTTP header to /include/stat/stat.php in…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9764
|
2024-11-21 12:36 |
2017-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247963
|
6.1 |
MEDIUM
Network
|
kaspersky
|
anti-virus_for_linux_server
|
In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site sc…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9813
|
2024-11-21 12:36 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247964
|
7.5 |
HIGH
Network
|
kaspersky
|
anti-virus_for_linux_server
|
The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.31…
|
CWE-200
Information Exposure
|
CVE-2017-9812
|
2024-11-21 12:36 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247965
|
9.8 |
CRITICAL
Network
|
kaspersky
|
anti-virus_for_linux_server
|
The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine rea…
|
CWE-20
Improper Input Validation
|
CVE-2017-9811
|
2024-11-21 12:36 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247966
|
8.8 |
HIGH
Network
|
kaspersky
|
anti-virus_for_linux_server
|
There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). This would allow an attacke…
|
CWE-352
Origin Validation Error
|
CVE-2017-9810
|
2024-11-21 12:36 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247967
|
7.8 |
HIGH
Local
|
alpinelinux
|
alpine_linux
|
A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax h…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9671
|
2024-11-21 12:36 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247968
|
7.8 |
HIGH
Local
|
alpinelinux
|
alpine_linux
|
A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9669
|
2024-11-21 12:36 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247969
|
5.4 |
MEDIUM
Network
|
blackcat-cms
|
blackcat_cms
|
Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the map_language parameter to backend/pages/lang_settings.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9609
|
2024-11-21 12:36 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247970
|
7.3 |
HIGH
Network
|
fujielectric
|
v-server
|
An issue was discovered in Fuji Electric V-Server Version 3.3.22.0 and prior. A memory corruption vulnerability has been identified (aka improper restriction of operations within the bounds of a memo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9639
|
2024-11-21 12:36 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
