|
252521
|
6.5 |
MEDIUM
Network
|
brave
|
brave
|
Brave 0.12.4 has a URI Obfuscation issue in which a string such as https://safe.example.com@unsafe.example.com/ is displayed without a clear UI indication that it is not a resource on the safe.exampl…
|
CWE-74
Injection
|
CVE-2017-8458
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252522
|
7.8 |
HIGH
Local
|
foxitsoftware
|
foxit_reader
phantompdf
|
Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8455
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252523
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
phantompdf
|
Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8454
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252524
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
phantompdf
|
Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8453
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252525
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory ex…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-8421
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252526
|
7.8 |
HIGH
Local
|
lame_project
|
lame
|
LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service (stack-based buffer overflow or heap-based bu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8419
|
2024-11-21 12:34 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252527
|
3.3 |
LOW
Local
|
rubocop_project
|
rubocop
|
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2017-8418
|
2024-11-21 12:34 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252528
|
2.4 |
LOW
Physics
|
avm
|
fritz\!os
|
Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with Firmware versions Fritz!OS 6.80 and 6.83 allows physically proximate attackers to view slices of previously transmitted packets …
|
CWE-200
Information Exposure
|
CVE-2017-8087
|
2024-11-21 12:33 |
2019-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252529
|
8.8 |
HIGH
Network
|
amcrest
|
ipm-721s_firmware
|
On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user". However, as a part of security analysis it was identified that a low privi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2017-8230
|
2024-11-21 12:33 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252530
|
9.8 |
CRITICAL
Network
|
amcrest
|
ipm-721s_firmware
|
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using b…
|
CWE-255
Credentials Management
|
CVE-2017-8229
|
2024-11-21 12:33 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
