|
251011
|
9.8 |
CRITICAL
Network
|
sawmill
|
sawmill
|
Sawmill Enterprise 8.7.9 allows remote attackers to gain login access by leveraging knowledge of a password hash.
|
CWE-200
Information Exposure
|
CVE-2017-5496
|
2024-11-21 12:27 |
2017-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251012
|
7.5 |
HIGH
Network
|
easycom-aura
|
sql_iplug
|
EasyCom SQL iPlug allows remote attackers to cause a denial of service via the D$EVAL parameter to the default URI.
|
CWE-20
Improper Input Validation
|
CVE-2017-5359
|
2024-11-21 12:27 |
2017-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251013
|
9.8 |
CRITICAL
Network
|
easycom-aura
|
easycom_for_php
|
Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for PHP 4.0.0.29 allows remote attackers to execute arbitrary code via the server argument to the (1) i5_connect, (2) i5_pconnect, or (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5358
|
2024-11-21 12:27 |
2017-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251014
|
5.4 |
MEDIUM
Network
|
paloaltonetworks
|
pan-os
|
Cross-site scripting (XSS) vulnerability in the Management Web Interface in Palo Alto Networks PAN-OS 5.1, 6.x before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated u…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5584
|
2024-11-21 12:27 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251015
|
6.5 |
MEDIUM
Network
|
paloaltonetworks
|
pan-os
|
The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to read arbitrary files via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2017-5583
|
2024-11-21 12:27 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251016
|
9.8 |
CRITICAL
Network
|
schneider-electric
|
tableau_desktop
tableau_server
wonderware_intelligence
|
An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is insta…
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2017-5178
|
2024-11-21 12:27 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251017
|
6.1 |
MEDIUM
Network
|
silverstripe
|
silverstripe
|
There is XSS in SilverStripe CMS before 3.4.4 and 3.5.x before 3.5.2. The attack vector is a page name. An example payload is a crafted JavaScript event handler within a malformed SVG element.
|
CWE-79
Cross-site Scripting
|
CVE-2017-5197
|
2024-11-21 12:27 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251018
|
6.1 |
MEDIUM
Network
|
flexerasoftware
|
flexnet_publisher
|
Open redirect vulnerability in the lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) 11.14.1 and earlier, as used in Citrix License Server for Windows and the Citrix License S…
|
CWE-601
Open Redirect
|
CVE-2017-5571
|
2024-11-21 12:27 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251019
|
7.5 |
HIGH
Network
|
irssi
debian
|
irssi
debian_linux
|
Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket (]).
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5356
|
2024-11-21 12:27 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251020
|
7.5 |
HIGH
Network
|
irssi
|
irssi
|
Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via vectors involving strings that are not UTF8.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5196
|
2024-11-21 12:27 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
