|
257941
|
8.8 |
HIGH
Network
|
adobe
redhat
|
flash_player_desktop_runtime
flash_player
enterprise_linux
enterprise_linux_desktop
enterprise_linux_workstation
|
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-3069
|
2024-11-21 12:24 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257942
|
8.8 |
HIGH
Network
|
adobe
redhat
|
flash_player_desktop_runtime
flash_player
enterprise_linux
enterprise_linux_desktop
enterprise_linux_workstation
|
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execut…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-3068
|
2024-11-21 12:24 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257943
|
7.5 |
HIGH
Network
|
adobe
|
experience_manager_forms
|
Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms.
|
CWE-200
Information Exposure
|
CVE-2017-3067
|
2024-11-21 12:24 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257944
|
6.1 |
MEDIUM
Network
|
adobe
|
coldfusion
|
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a reflected cross-site scripting vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2017-3008
|
2024-11-21 12:24 |
2017-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257945
|
7.3 |
HIGH
Network
|
apache
|
hadoop
|
HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated in Apache Hadoop before 2.7.0.
|
CWE-20
Improper Input Validation
|
CVE-2017-3162
|
2024-11-21 12:24 |
2017-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257946
|
6.1 |
MEDIUM
Network
|
apache
|
hadoop
|
The HDFS web UI in Apache Hadoop before 2.7.0 is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-3161
|
2024-11-21 12:24 |
2017-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257947
|
3.3 |
LOW
Local
|
lexmark
|
perceptive_document_filters
|
An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a arbitrary read resulting in memory d…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-2806
|
2024-11-21 12:24 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257948
|
8.1 |
HIGH
Network
|
arm
|
mbed_tls
|
An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 cert…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-2784
|
2024-11-21 12:24 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257949
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortimail
|
An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 could allow an attacker to execute arbitrary scripts in the security context of the browser of a victim logged in F…
|
CWE-79
Cross-site Scripting
|
CVE-2017-3125
|
2024-11-21 12:24 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257950
|
7.8 |
HIGH
Local
|
adobe
|
acrobat
acrobat_dc
acrobat_reader_dc
reader
|
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Succe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-3065
|
2024-11-21 12:24 |
2017-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
