|
255681
|
6.1 |
MEDIUM
Network
|
moodle
|
moodle
|
In Moodle 3.x, XSS can occur via evidence of prior learning.
|
CWE-79
Cross-site Scripting
|
CVE-2017-2644
|
2024-11-21 12:23 |
2017-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255682
|
5.3 |
MEDIUM
Network
|
moodle
|
moodle
|
In Moodle 3.2.x, global search displays user names for unauthenticated users.
|
CWE-200
Information Exposure
|
CVE-2017-2643
|
2024-11-21 12:23 |
2017-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255683
|
9.8 |
CRITICAL
Network
|
moodle
|
moodle
|
In Moodle 2.x and 3.x, SQL injection can occur via user preferences.
|
CWE-89
SQL Injection
|
CVE-2017-2641
|
2024-11-21 12:23 |
2017-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255684
|
7.0 |
HIGH
Local
|
linux
debian
|
linux_kernel
debian_linux
|
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
|
CWE-362
CWE-415
Race Condition
Double Free
|
CVE-2017-2636
|
2024-11-21 12:23 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255685
|
8.8 |
HIGH
Network
|
puppet
|
mcollective-puppet-agent
|
On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-2290
|
2024-11-21 12:23 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255686
|
7.4 |
HIGH
Network
|
siemens
|
sinumerik_operate
sinumerik_integrate_access_mymachine\/ethernet
sinumerik_integrate_operate_client
|
Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 (including) and 2.0.6 (excluding) and between 3.0.4.00.032 (including) and 3.0.6 (excluding) contain a vulnerability that could allow …
|
CWE-200
Information Exposure
|
CVE-2017-2685
|
2024-11-21 12:23 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255687
|
8.2 |
HIGH
Network
|
siemens
|
ruggedcom_network_management_software
|
A non-privileged user of the Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could perform a persistent Cross-Site Scripting (XSS) attack, potentially resulting in obtainin…
|
CWE-79
Cross-site Scripting
|
CVE-2017-2683
|
2024-11-21 12:23 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255688
|
8.8 |
HIGH
Network
|
siemens
|
ruggedcom_network_management_software
|
The Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could allow a remote attacker to perform a Cross-Site Request Forgery (CSRF) attack, potentially allowing an attacker to…
|
CWE-352
Origin Validation Error
|
CVE-2017-2682
|
2024-11-21 12:23 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255689
|
9.0 |
CRITICAL
Network
|
siemens
|
simatic_logon
|
Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level au…
|
NVD-CWE-noinfo
|
CVE-2017-2684
|
2024-11-21 12:23 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255690
|
7.8 |
HIGH
Local
|
apple
|
garageband
|
An issue was discovered in certain Apple products. GarageBand before 10.1.6 is affected. The issue involves the "Projects" component. It allows remote attackers to execute arbitrary code or cause a d…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-2374
|
2024-11-21 12:23 |
2017-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
