|
255611
|
6.1 |
MEDIUM
Network
|
hashover_project
|
hashover
|
An issue was discovered in HashOver 2.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the 'hashover/scripts/widget-output.php' URL. An attacker could execut…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6395
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255612
|
6.1 |
MEDIUM
Network
|
open-emr
|
openemr
|
Multiple Cross-Site Scripting (XSS) issues were discovered in OpenEMR 5.0.0 and 5.0.1-dev. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to the "openemr-master…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6394
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255613
|
6.1 |
MEDIUM
Network
|
nagvis
|
nagvis
|
An issue was discovered in NagVis 1.9b12. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "nagvis-master/share/userfiles/gadgets/std_table.php" URL. An att…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6393
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255614
|
6.1 |
MEDIUM
Network
|
kaltura
|
kaltura_server
|
An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "server-Lynx-12.11.0/admin_console/web/tools/XmlJWP…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6392
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255615
|
6.1 |
MEDIUM
Network
|
kaltura
|
kaltura_server
|
An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "admin_console/web/tools/SimpleJWPlayer.php" URL, t…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6391
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255616
|
6.1 |
MEDIUM
Network
|
soruly
|
whatanime.ga
|
An issue was discovered in whatanime.ga before c334dd8499a681587dd4199e90b0aa0eba814c1d. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "whatanime.ga-mast…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6390
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255617
|
7.5 |
HIGH
Network
|
atheme
|
atheme
|
Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in Atheme 7.2.7 allows a remote unauthenticated attacker to consume memory and cause a denial of service. This is fixed i…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-6384
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255618
|
8.6 |
HIGH
Network
|
openidc
|
mod_auth_openidc
|
The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "OID…
|
CWE-287
Improper Authentication
|
CVE-2017-6062
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255619
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-6415
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255620
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DEX file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6387
|
2024-11-21 12:29 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
