|
254181
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-9039
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254182
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to the byte_get_little_endian function in el…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9038
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254183
|
9.8 |
CRITICAL
Network
|
deluge-torrent
|
deluge
|
The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file.
|
CWE-22
Path Traversal
|
CVE-2017-9031
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254184
|
7.5 |
HIGH
Network
|
codextrous
|
b2j_contact
|
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary…
|
CWE-22
Path Traversal
|
CVE-2017-9030
|
2024-11-21 12:35 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254185
|
9.8 |
CRITICAL
Network
|
hootoo
|
trip_mate_6_firmware
|
Stack buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted f…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9026
|
2024-11-21 12:35 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254186
|
6.5 |
MEDIUM
Network
|
hootoo
|
trip_mate_6_firmware
|
Heap buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted HT…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9025
|
2024-11-21 12:35 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254187
|
5.9 |
MEDIUM
Network
|
puma
|
pumatrac
|
The PUMA PUMATRAC app 3.0.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certi…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-8943
|
2024-11-21 12:35 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254188
|
5.9 |
MEDIUM
Network
|
yottamark_inc.
|
shopwell_-_healthy_diet_\&_grocery_food_scanner
|
The YottaMark ShopWell - Healthy Diet & Grocery Food Scanner app 5.3.7 through 5.4.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof ser…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-8942
|
2024-11-21 12:35 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254189
|
5.9 |
MEDIUM
Network
|
interval_international
|
interval_international
|
The Interval International app 3.3 through 3.5.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive informatio…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-8941
|
2024-11-21 12:35 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254190
|
5.9 |
MEDIUM
Network
|
zipongo_inc.
|
healthy_recipes_and_grocery_deals
|
The Zipongo - Healthy Recipes and Grocery Deals app before 6.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensit…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-8940
|
2024-11-21 12:35 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
