|
258581
|
6.6 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or possibly have unspecified other impact via a …
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-16646
|
2024-11-21 12:16 |
2017-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258582
|
6.6 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-16645
|
2024-11-21 12:16 |
2017-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258583
|
6.6 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or poss…
|
CWE-388
7PK - Errors
|
CVE-2017-16644
|
2024-11-21 12:16 |
2017-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258584
|
6.6 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (out-of-bounds read and system crash) or pos…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-16643
|
2024-11-21 12:16 |
2017-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258585
|
9.8 |
CRITICAL
Network
|
ingenious_school_management_system_project
|
ingenious_school_management_system
|
/view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request.
|
CWE-89
SQL Injection
|
CVE-2017-16561
|
2024-11-21 12:16 |
2017-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258586
|
7.5 |
HIGH
Network
|
php
debian
canonical
netapp
|
php
debian_linux
ubuntu_linux
storage_automation_store
clustered_data_ontap
|
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-16642
|
2024-11-21 12:16 |
2017-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258587
|
7.2 |
HIGH
Network
|
cacti
|
cacti
|
lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php.
|
CWE-78
OS Command
|
CVE-2017-16641
|
2024-11-21 12:16 |
2017-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258588
|
9.8 |
CRITICAL
Network
|
vde_project
|
vde
|
The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to gain root privileges by creating a hard link in a directory on which "chown" is called recursively by …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-16638
|
2024-11-21 12:16 |
2017-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258589
|
4.4 |
MEDIUM
Local
|
perfect-privacy
|
vpn_manager
|
In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when resetting the network data via the software client, with a running VPN connection, a critical error occurs which leads to a "FrmAdva…
|
CWE-20
Improper Input Validation
|
CVE-2017-16637
|
2024-11-21 12:16 |
2017-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258590
|
5.4 |
MEDIUM
Network
|
bludit
|
bludit
|
In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new page, new category, and edit post function body message context. Remote attackers are able to bypass the basic editor validatio…
|
CWE-79
Cross-site Scripting
|
CVE-2017-16636
|
2024-11-21 12:16 |
2017-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
