|
251001
|
5.9 |
MEDIUM
Network
|
cognitoys
|
stemosaur_firmware
|
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 do not provide sufficient protections against capture-replay attacks, allowing an attacker on the network to replay VoIP tr…
|
CWE-200
Information Exposure
|
CVE-2017-8865
|
2024-11-21 12:34 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251002
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system…
|
CWE-416
Use After Free
|
CVE-2017-8824
|
2024-11-21 12:34 |
2017-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251003
|
8.1 |
HIGH
Network
|
tor_project
debian
|
tor
debian_linux
|
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point e…
|
CWE-416
Use After Free
|
CVE-2017-8823
|
2024-11-21 12:34 |
2017-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251004
|
3.7 |
LOW
Network
|
tor_project
debian
|
tor
debian_linux
|
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick th…
|
CWE-417
Channel and Path Errors
|
CVE-2017-8822
|
2024-11-21 12:34 |
2017-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251005
|
7.5 |
HIGH
Network
|
tor_project
debian
|
tor
debian_linux
|
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service (application hang) via c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8821
|
2024-11-21 12:34 |
2017-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251006
|
7.5 |
HIGH
Network
|
tor_project
debian
|
tor
debian_linux
|
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer deref…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-8820
|
2024-11-21 12:34 |
2017-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251007
|
7.5 |
HIGH
Network
|
tor_project
debian
|
tor
debian_linux
|
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion …
|
NVD-CWE-noinfo
|
CVE-2017-8819
|
2024-11-21 12:34 |
2017-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251008
|
9.8 |
CRITICAL
Network
|
haxx
|
libcurl
curl
|
curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too litt…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8818
|
2024-11-21 12:34 |
2017-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251009
|
9.8 |
CRITICAL
Network
|
haxx
debian
|
libcurl
curl
debian_linux
|
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact v…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8817
|
2024-11-21 12:34 |
2017-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251010
|
9.8 |
CRITICAL
Network
|
haxx
debian
|
libcurl
curl
debian_linux
|
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application cr…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-8816
|
2024-11-21 12:34 |
2017-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
