|
253561
|
8.6 |
HIGH
Network
|
openidc
|
mod_auth_openidc
|
The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "OID…
|
CWE-287
Improper Authentication
|
CVE-2017-6062
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253562
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-6415
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253563
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DEX file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6387
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253564
|
7.8 |
HIGH
Local
|
radare
|
radare2
|
The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified ot…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6319
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253565
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (inva…
|
CWE-415
Double Free
|
CVE-2017-6353
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253566
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted oper…
|
NVD-CWE-noinfo
|
CVE-2017-6348
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253567
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6347
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253568
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithread…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2017-6346
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253569
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possi…
|
CWE-20
Improper Input Validation
|
CVE-2017-6345
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253570
|
9.8 |
CRITICAL
Network
|
vim
|
vim
|
An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file,…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-6350
|
2024-11-21 12:29 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
