|
255311
|
6.1 |
MEDIUM
Network
|
gazelle_project
|
gazelle
|
Multiple Cross-Site Scripting (XSS) were discovered in Gazelle before 2017-03-19. The vulnerabilities exist due to insufficient filtration of user-supplied data (action, userid) passed to the 'Gazell…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7249
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255312
|
6.1 |
MEDIUM
Network
|
gazelle_project
|
gazelle
|
A Cross-Site Scripting (XSS) was discovered in Gazelle before 2017-03-19. The vulnerability exists due to insufficient filtration of user-supplied data (type) passed to the 'Gazelle-master/sections/b…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7248
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255313
|
6.1 |
MEDIUM
Network
|
gazelle_project
|
gazelle
|
Multiple Cross-Site Scripting (XSS) were discovered in Gazelle before 2017-03-19. The vulnerabilities exist due to insufficient filtration of user-supplied data (torrents, size) passed to the 'Gazell…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7247
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255314
|
7.8 |
HIGH
Local
|
pcre
|
pcre
|
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unsp…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7246
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255315
|
7.8 |
HIGH
Local
|
pcre
|
pcre
|
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspec…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7245
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255316
|
5.5 |
MEDIUM
Local
|
pcre
|
pcre
|
The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7244
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255317
|
6.1 |
MEDIUM
Network
|
slims
|
slims7_cendana
|
Multiple Cross-Site Scripting (XSS) were discovered in admin/modules components in SLiMS 7 Cendana through 2017-03-23: the keywords parameter to bibliography/checkout_item.php, bibliography/dl_print.…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7242
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255318
|
7.8 |
HIGH
Local
|
tenable
|
nessus
|
Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local attacker to escalate privileges when the software is running in Agent Mode. Version 6.10.4 fixes this issu…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-7199
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255319
|
8.8 |
HIGH
Network
|
cloudflare-scrape_project
|
cloudflare-scrape
|
An issue was discovered in cloudflare-scrape 1.6.6 through 1.7.1. A malicious website owner could craft a page that executes arbitrary Python code against any cfscrape user who scrapes that website. …
|
CWE-20
Improper Input Validation
|
CVE-2017-7235
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255320
|
7.8 |
HIGH
Local
|
pngdefry_project
|
pngdefry
|
pngdefry through 2017-03-22 is prone to a heap-based buffer-overflow vulnerability because it fails to properly process a specially crafted png file. This issue affects the 'process()' function of th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7231
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
