|
252571
|
4.8 |
MEDIUM
Network
|
openstack
|
horizon
|
OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping.
|
CWE-79
Cross-site Scripting
|
CVE-2017-7400
|
2024-11-21 12:31 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252572
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-7383
|
2024-11-21 12:31 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252573
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-7382
|
2024-11-21 12:31 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252574
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-7381
|
2024-11-21 12:31 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252575
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-7380
|
2024-11-21 12:31 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252576
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) v…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7379
|
2024-11-21 12:31 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252577
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PD…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7378
|
2024-11-21 12:31 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252578
|
7.5 |
HIGH
Network
|
tigervnc
|
tigervnc
|
In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-7396
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252579
|
6.5 |
MEDIUM
Network
|
tigervnc
|
tigervnc
|
In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-7395
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252580
|
7.5 |
HIGH
Network
|
tigervnc
|
tigervnc
|
In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), unauthenticated users can crash the server by sending long usernames.
|
CWE-20
Improper Input Validation
|
CVE-2017-7394
|
2024-11-21 12:31 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
