|
256001
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rtm…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-6472
|
2024-11-21 12:29 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256002
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by validat…
|
CWE-20
Improper Input Validation
|
CVE-2017-6471
|
2024-11-21 12:29 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256003
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-iax2.c by cons…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-6470
|
2024-11-21 12:29 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256004
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS dissector crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-ldss.c by en…
|
CWE-20
Improper Input Validation
|
CVE-2017-6469
|
2024-11-21 12:29 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256005
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser crash, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating the relationshi…
|
CWE-20
Improper Input Validation
|
CVE-2017-6468
|
2024-11-21 12:29 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256006
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by changing the restr…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-6467
|
2024-11-21 12:29 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256007
|
7.5 |
HIGH
Network
|
zen_mobile_app_native_project
|
zen_mobile_app_native
|
Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0.
|
CWE-287
CWE-434
CWE-732
Improper Authentication
Unrestricted Upload of File with Dangerous Type
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-6104
|
2024-11-21 12:29 |
2017-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256008
|
6.1 |
MEDIUM
Network
|
anyvar_project
|
anyvar
|
Persistent XSS Vulnerability in Wordpress plugin AnyVar v0.1.1.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6103
|
2024-11-21 12:29 |
2017-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256009
|
6.1 |
MEDIUM
Network
|
rockhoist_badges_project
|
rockhoist_badges_plugin
|
Persistent XSS in wordpress plugin rockhoist-badges v1.2.2.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6102
|
2024-11-21 12:29 |
2017-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256010
|
8.6 |
HIGH
Network
|
openidc
|
mod_auth_openidc
|
The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.6 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "Aut…
|
CWE-287
Improper Authentication
|
CVE-2017-6413
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
