|
256551
|
7.5 |
HIGH
Network
|
irssi
|
irssi
|
Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ANSI x8 color code.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5195
|
2024-11-21 12:27 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256552
|
7.5 |
HIGH
Network
|
irssi
debian
|
irssi
debian_linux
|
Use-after-free vulnerability in Irssi before 0.8.21 allows remote attackers to cause a denial of service (crash) via an invalid nick message.
|
CWE-416
Use After Free
|
CVE-2017-5194
|
2024-11-21 12:27 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256553
|
7.5 |
HIGH
Network
|
irssi
debian
|
irssi
debian_linux
|
The nickcmp function in Irssi before 0.8.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a message without a nick.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-5193
|
2024-11-21 12:27 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256554
|
7.8 |
HIGH
Local
|
rapid7
|
metasploit
|
Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current wor…
|
CWE-426
Untrusted Search Path
|
CVE-2017-5235
|
2024-11-21 12:27 |
2017-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256555
|
7.8 |
HIGH
Local
|
rapid7
|
insight_collector
|
Rapid7 Insight Collector installers prior to version 1.0.16 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working dir…
|
CWE-426
Untrusted Search Path
|
CVE-2017-5234
|
2024-11-21 12:27 |
2017-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256556
|
7.8 |
HIGH
Local
|
rapid7
|
appspider_pro
|
Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working direc…
|
CWE-426
Untrusted Search Path
|
CVE-2017-5233
|
2024-11-21 12:27 |
2017-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256557
|
7.8 |
HIGH
Local
|
rapid7
|
nexpose
|
All editions of Rapid7 Nexpose installers prior to version 6.4.24 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current worki…
|
CWE-426
Untrusted Search Path
|
CVE-2017-5232
|
2024-11-21 12:27 |
2017-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256558
|
7.1 |
HIGH
Network
|
rapid7
|
metasploit
|
All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter stdapi CommandDispatcher.cmd_download() function. By using a specia…
|
CWE-22
Path Traversal
|
CVE-2017-5231
|
2024-11-21 12:27 |
2017-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256559
|
7.2 |
HIGH
Network
|
rapid7
|
nexpose
|
The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted with a static password of 'r@p1d7k3y5t0r3' which is not modifiable by the user. The keystore provides sto…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-5230
|
2024-11-21 12:27 |
2017-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256560
|
7.1 |
HIGH
Network
|
rapid7
|
metasploit
|
All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter extapi Clipboard.parse_dump() function. By using a specially-crafte…
|
CWE-22
Path Traversal
|
CVE-2017-5229
|
2024-11-21 12:27 |
2017-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
