|
265451
|
8.2 |
HIGH
Local
|
sudo_project
|
sudo
|
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command executio…
|
CWE-20
Improper Input Validation
|
CVE-2017-1000368
|
2024-11-21 12:04 |
2017-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265452
|
6.4 |
MEDIUM
Local
|
sudo_project
|
sudo
|
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
|
CWE-362
Race Condition
|
CVE-2017-1000367
|
2024-11-21 12:04 |
2017-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265453
|
7.5 |
HIGH
Network
|
opendaylight
|
opendaylight
|
DOMRpcImplementationNotAvailableException when sending Port-Status packets to OpenDaylight. Controller launches exceptions and consumes more CPU resources. Component: OpenDaylight is vulnerable to th…
|
NVD-CWE-noinfo
|
CVE-2017-1000361
|
2024-11-21 12:04 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265454
|
5.3 |
MEDIUM
Network
|
opendaylight
|
opendaylight
|
StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql. Controller launches exceptions in the console. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Ver…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-1000360
|
2024-11-21 12:04 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265455
|
5.3 |
MEDIUM
Network
|
opendaylight
|
opendaylight
|
Java out of memory error and significant increase in resource consumption. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-1000359
|
2024-11-21 12:04 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265456
|
6.5 |
MEDIUM
Network
|
opendaylight
|
opendaylight
|
Controller throws an exception and does not allow user to add subsequent flow for a particular switch. Component: OpenDaylight odl-restconf feature contains this flaw. Version: OpenDaylight 4.0 is af…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-1000358
|
2024-11-21 12:04 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265457
|
7.5 |
HIGH
Network
|
opendaylight
|
opendaylight
|
Denial of Service attack when the switch rejects to receive packets from the controller. Component: This vulnerability affects OpenDaylight odl-l2switch-switch, which is the feature responsible for t…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-1000357
|
2024-11-21 12:04 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265458
|
7.5 |
HIGH
Network
|
wordpress
|
wordpress
|
The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in WordPress 4.7.x before 4.7.2 does not require an integer identifier, which allows …
|
NVD-CWE-noinfo
|
CVE-2017-1001000
|
2024-11-21 12:04 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265459
|
7.5 |
HIGH
Network
|
ui
|
airos
edgemax_firmware
|
Denial of Service attack in airMAX < 8.3.2 , airMAX < 6.0.7 and EdgeMAX < 1.9.7 allow attackers to use the Discovery Protocol in amplification attacks.
|
CWE-20
Improper Input Validation
|
CVE-2017-0938
|
2024-11-21 12:03 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265460
|
7.5 |
HIGH
Network
|
dnnsoftware
|
dotnetnuke
|
DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network reso…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2017-0929
|
2024-11-21 12:03 |
2018-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
