|
254021
|
7.8 |
HIGH
Local
|
halliburton
|
logview_pro
|
Buffer overflow in Halliburton LogView Pro 10.0.1 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8926
|
2024-11-21 12:34 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254022
|
8.8 |
HIGH
Network
|
mailcow
|
mailcow\
|
mailcow 0.14, as used in "mailcow: dockerized" and other products, has CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2017-8928
|
2024-11-21 12:34 |
2017-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254023
|
5.5 |
MEDIUM
Local
|
linux
debian
|
linux_kernel
debian_linux
|
The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2017-8925
|
2024-11-21 12:34 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254024
|
4.6 |
MEDIUM
Physics
|
linux
debian
|
linux_kernel
debian_linux
|
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uniniti…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2017-8924
|
2024-11-21 12:34 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254025
|
9.8 |
CRITICAL
Network
|
php
|
php
|
The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-8923
|
2024-11-21 12:34 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254026
|
7.5 |
HIGH
Network
|
flightgear
|
flightgear
|
In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML). …
|
CWE-22
Path Traversal
|
CVE-2017-8921
|
2024-11-21 12:34 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254027
|
7.2 |
HIGH
Network
|
cmsmadesimple
|
cms_made_simple
|
CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTa…
|
CWE-94
Code Injection
|
CVE-2017-8912
|
2024-11-21 12:34 |
2017-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254028
|
9.8 |
CRITICAL
Network
|
tnef_project
|
tnef
|
An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2017-8911
|
2024-11-21 12:34 |
2017-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254029
|
5.5 |
MEDIUM
Local
|
artifex
|
ghostscript
|
The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8908
|
2024-11-21 12:34 |
2017-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254030
|
4.6 |
MEDIUM
Physics
|
lightdm_project
|
lightdm
|
LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users…
|
NVD-CWE-noinfo
|
CVE-2017-8900
|
2024-11-21 12:34 |
2017-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
