|
252841
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9348
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252842
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-9347
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252843
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9346
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252844
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9345
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252845
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.
|
CWE-369
Divide By Zero
|
CVE-2017-9344
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252846
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-9343
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252847
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large nu…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2017-9060
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252848
|
6.1 |
MEDIUM
Network
|
markdown_on_save_improved_project
|
markdown_on_save_improved
|
The Markdown on Save Improved plugin 2.5 for WordPress has a stored XSS vulnerability in the content of a post.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9337
|
2024-11-21 12:35 |
2017-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252849
|
6.1 |
MEDIUM
Network
|
wp_editor.md_project
|
wp_editor.md
|
The WP Editor.MD plugin 1.6 for WordPress has a stored XSS vulnerability in the content of a post.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9336
|
2024-11-21 12:35 |
2017-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252850
|
7.5 |
HIGH
Network
|
call-cc
|
chicken
|
An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of servic…
|
CWE-20
Improper Input Validation
|
CVE-2017-9334
|
2024-11-21 12:35 |
2017-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
