|
254161
|
6.1 |
MEDIUM
Network
|
wordpress
debian
|
wordpress
debian_linux
|
In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9063
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254162
|
8.6 |
HIGH
Network
|
wordpress
debian
|
wordpress
debian_linux
|
In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.
|
CWE-352
CWE-79
CWE-601
Origin Validation Error
Cross-site Scripting
Open Redirect
|
CVE-2017-9062
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254163
|
6.1 |
MEDIUM
Network
|
wordpress
debian
|
wordpress
debian_linux
|
In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filen…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9061
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254164
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an …
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2017-9059
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254165
|
9.8 |
CRITICAL
Network
|
ytnef_project
canonical
|
ytnef
ubuntu_linux
|
In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9058
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254166
|
9.8 |
CRITICAL
Network
|
libdwarf_project
|
libdwarf
|
An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata() a few data types were not checked for being in bounds, leading to a heap-based buffer over-read.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9055
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254167
|
9.8 |
CRITICAL
Network
|
libdwarf_project
|
libdwarf
|
An issue, also known as DW201703-002, was discovered in libdwarf 2017-03-21. In _dwarf_decode_s_leb128_chk() a byte pointer was dereferenced just before it was checked for being in bounds, leading to…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9054
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254168
|
9.1 |
CRITICAL
Network
|
libdwarf_project
|
libdwarf
|
An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in _dwarf_read_loc_expr_op() is due to a failure to check a pointer for being in bounds (in …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9053
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254169
|
9.8 |
CRITICAL
Network
|
libdwarf_project
|
libdwarf
|
An issue, also known as DW201703-006, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in dwarf_formsdata() is due to a failure to check a pointer for being in bounds (in a few pl…
|
CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Read
|
CVE-2017-9052
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254170
|
9.8 |
CRITICAL
Network
|
libav
|
libav
|
libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-9051
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
