|
255361
|
6.1 |
MEDIUM
Network
|
kunena
|
kunena
|
In the Kunena extension 5.0.2 through 5.0.4 for Joomla!, the forum message subject (aka topic subject) accepts JavaScript, leading to XSS. Six files are affected: crypsis/layouts/message/item/default…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5673
|
2024-11-21 12:28 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255362
|
8.8 |
HIGH
Network
|
d-link
|
dir-600m_firmware
|
CSRF exists on D-Link DIR-600M Rev. Cx devices before v3.05ENB01_beta_20170306. This can be used to bypass authentication and insert XSS sequences or possibly have unspecified other impact.
|
CWE-352
Origin Validation Error
|
CVE-2017-5874
|
2024-11-21 12:28 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255363
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) …
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-5987
|
2024-11-21 12:28 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255364
|
5.5 |
MEDIUM
Local
|
virglrenderer_project
|
virglrenderer
|
The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors involving vertext_bu…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5956
|
2024-11-21 12:28 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255365
|
2.7 |
LOW
Network
|
opensuse
postfixadmin_project
|
leap
postfixadmin
|
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission ch…
|
CWE-862
Missing Authorization
|
CVE-2017-5930
|
2024-11-21 12:28 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255366
|
7.8 |
HIGH
Local
|
gnu
|
screen
|
GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.
|
CWE-863
Incorrect Authorization
|
CVE-2017-5618
|
2024-11-21 12:28 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255367
|
6.6 |
MEDIUM
Physics
|
oneplus
|
oxygenos
|
An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T devices. The attacker can change the bootmode of the device by issuing the 'fastboot oem boot_mode {rf/wlan/ftm/normal} command' i…
|
CWE-269
Improper Privilege Management
|
CVE-2017-5623
|
2024-11-21 12:28 |
2017-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255368
|
6.5 |
MEDIUM
Local
|
qemu
|
qemu
|
Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2017-5857
|
2024-11-21 12:28 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255369
|
6.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via Meg…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2017-5856
|
2024-11-21 12:28 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255370
|
6.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) o…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-5667
|
2024-11-21 12:28 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
