|
249391
|
9.8 |
CRITICAL
Network
|
tp-link
|
tl-sg108e_firmware
|
On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-8076
|
2024-11-21 12:33 |
2017-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249392
|
9.8 |
CRITICAL
Network
|
tp-link
|
tl-sg108e_firmware
|
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2017-8075
|
2024-11-21 12:33 |
2017-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249393
|
9.8 |
CRITICAL
Network
|
tp-link
|
tl-sg108e_firmware
|
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. This affects the 1.1.2 Build 20141017 Rel.50749 firmw…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2017-8074
|
2024-11-21 12:33 |
2017-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249394
|
7.5 |
HIGH
Network
|
weechat
debian
|
weechat
debian_linux
|
WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overfl…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8073
|
2024-11-21 12:33 |
2017-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249395
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local us…
|
CWE-388
7PK - Errors
|
CVE-2017-8072
|
2024-11-21 12:33 |
2017-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249396
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without considering that sleeping is possible in a USB HID request callback, which allows local users to cause a denial…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2017-8071
|
2024-11-21 12:33 |
2017-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249397
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
drivers/net/usb/catc.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8070
|
2024-11-21 12:33 |
2017-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249398
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
drivers/net/usb/rtl8150.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memor…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8069
|
2024-11-21 12:33 |
2017-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249399
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
drivers/net/usb/pegasus.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memor…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8068
|
2024-11-21 12:33 |
2017-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249400
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
drivers/char/virtio_console.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (syste…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-8067
|
2024-11-21 12:33 |
2017-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
