|
252501
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-9347
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252502
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9346
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252503
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9345
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252504
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.
|
CWE-369
Divide By Zero
|
CVE-2017-9344
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252505
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-9343
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252506
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large nu…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2017-9060
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252507
|
6.1 |
MEDIUM
Network
|
markdown_on_save_improved_project
|
markdown_on_save_improved
|
The Markdown on Save Improved plugin 2.5 for WordPress has a stored XSS vulnerability in the content of a post.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9337
|
2024-11-21 12:35 |
2017-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252508
|
6.1 |
MEDIUM
Network
|
wp_editor.md_project
|
wp_editor.md
|
The WP Editor.MD plugin 1.6 for WordPress has a stored XSS vulnerability in the content of a post.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9336
|
2024-11-21 12:35 |
2017-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252509
|
7.5 |
HIGH
Network
|
call-cc
|
chicken
|
An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of servic…
|
CWE-20
Improper Input Validation
|
CVE-2017-9334
|
2024-11-21 12:35 |
2017-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252510
|
5.4 |
MEDIUM
Network
|
epesi
|
epesi
|
The Agenda component in Telaxus EPESI 1.8.2 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in modules/Utils/RecordBrowser/RecordBrowserCommon_0.php, which allows remote attackers t…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9331
|
2024-11-21 12:35 |
2017-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
