|
256431
|
7.8 |
HIGH
Local
|
ntp
|
ntp
|
Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/dat…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6462
|
2024-11-21 12:29 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256432
|
8.8 |
HIGH
Network
|
ntp
|
ntp
|
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction l…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6460
|
2024-11-21 12:29 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256433
|
5.5 |
MEDIUM
Local
|
ntp
|
ntp
|
The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6459
|
2024-11-21 12:29 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256434
|
8.8 |
HIGH
Network
|
ntp
hpe
apple
siemens
|
ntp
hpux-ntp
mac_os_x
simatic_net_cp_443-1_opc_ua_firmware
|
Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6458
|
2024-11-21 12:29 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256435
|
7.0 |
HIGH
Local
|
ntp
|
ntp
|
NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPI_DLLS environment variable.
|
CWE-94
Code Injection
|
CVE-2017-6455
|
2024-11-21 12:29 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256436
|
7.8 |
HIGH
Local
|
ntp
|
ntp
|
Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6452
|
2024-11-21 12:29 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256437
|
7.8 |
HIGH
Local
|
ntp
|
ntp
|
The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to e…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-6451
|
2024-11-21 12:29 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256438
|
8.8 |
HIGH
Network
|
intelliants
|
subrion_cms
|
Subrion CMS 4.0.5 has CSRF in admin/blog/add/. The attacker can add any tag, and can optionally insert XSS via the tags parameter.
|
CWE-352
Origin Validation Error
|
CVE-2017-6069
|
2024-11-21 12:29 |
2017-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256439
|
8.8 |
HIGH
Network
|
intelliants
|
subrion_cms
|
Subrion CMS 4.0.5 has CSRF in admin/blocks/add/. The attacker can create any block, and can optionally insert XSS via the content parameter.
|
CWE-352
Origin Validation Error
|
CVE-2017-6068
|
2024-11-21 12:29 |
2017-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256440
|
6.1 |
MEDIUM
Network
|
getsymphony
|
symphony
|
Symphony 2.6.9 has XSS in publish/notes/edit/##/saved/ via the bottom form field.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6067
|
2024-11-21 12:29 |
2017-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
