|
255311
|
9.1 |
CRITICAL
Network
|
gnu
|
binutils
|
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7226
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255312
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an …
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-7225
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255313
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a pr…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-7224
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255314
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7223
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255315
|
6.1 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 allows remote attackers to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by modifying 'window_title' i…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7222
|
2024-11-21 12:31 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255316
|
6.1 |
MEDIUM
Network
|
misp_project
|
misp
|
Cross site scripting in some view elements in the index filter tool in app/webroot/js/misp2.4.68.js and the organisation landing page in app/View/Organisations/ajax/landingpage.ctp of MISP before 2.4…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7215
|
2024-11-21 12:31 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255317
|
9.8 |
CRITICAL
Network
|
openstack
|
nova
|
An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level lo…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2017-7214
|
2024-11-21 12:31 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255318
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7210
|
2024-11-21 12:31 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255319
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-7209
|
2024-11-21 12:31 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255320
|
7.1 |
HIGH
Local
|
libav
|
libav
|
The decode_residual function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (buffer over-read) or obtain sensitive information from process memory via a crafted h264…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7208
|
2024-11-21 12:31 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
