|
256611
|
8.8 |
HIGH
Network
|
zoneminder
|
zoneminder
|
ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF (Cross Site Request Forgery) which allows a remote attack to make changes to the web application as the c…
|
CWE-352
Origin Validation Error
|
CVE-2017-5368
|
2024-11-21 12:27 |
2017-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256612
|
6.1 |
MEDIUM
Network
|
zoneminder
|
zoneminder
|
Multiple reflected XSS vulnerabilities exist within form and link input parameters of ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, which allows a remote attacker to execute…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5367
|
2024-11-21 12:27 |
2017-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256613
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local…
|
CWE-388
7PK - Errors
|
CVE-2017-5577
|
2024-11-21 12:27 |
2017-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256614
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-5576
|
2024-11-21 12:27 |
2017-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256615
|
4.4 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group pri…
|
NVD-CWE-noinfo
|
CVE-2017-5551
|
2024-11-21 12:27 |
2017-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256616
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
Off-by-one error in the pipe_advance function in lib/iov_iter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportu…
|
CWE-200
Information Exposure
|
CVE-2017-5550
|
2024-11-21 12:27 |
2017-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256617
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel before 4.9.5 places uninitialized heap-memory contents into a log entry upon a failure to read the line sta…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2017-5549
|
2024-11-21 12:27 |
2017-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256618
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
drivers/net/ieee802154/atusb.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or m…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5548
|
2024-11-21 12:27 |
2017-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256619
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5547
|
2024-11-21 12:27 |
2017-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256620
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service (duplicate freelist entries and system crash) or possi…
|
NVD-CWE-noinfo
|
CVE-2017-5546
|
2024-11-21 12:27 |
2017-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
