|
264091
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_applications_manager
|
Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request.
|
CWE-89
SQL Injection
|
CVE-2017-16542
|
2024-11-21 12:16 |
2017-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264092
|
7.5 |
HIGH
Network
|
open-emr
|
openemr
|
OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote database copying because setup.php exposes functionality for cloning an existing OpenEMR site to an arbitrary attacker-controlled MySQL serv…
|
CWE-200
Information Exposure
|
CVE-2017-16540
|
2024-11-21 12:16 |
2017-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264093
|
6.5 |
MEDIUM
Network
|
torproject
redhat
debian
|
tor
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_eus
enterprise_linux_server_tus
enterprise_linux_server_aus
debian_linux
|
Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages f…
|
CWE-200
Information Exposure
|
CVE-2017-16541
|
2024-11-21 12:16 |
2017-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264094
|
5.9 |
MEDIUM
Network
|
mobyproject
|
moby
|
The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels a…
|
CWE-200
Information Exposure
|
CVE-2017-16539
|
2024-11-21 12:16 |
2017-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264095
|
6.6 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified oth…
|
CWE-20
Improper Input Validation
|
CVE-2017-16538
|
2024-11-21 12:16 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264096
|
6.6 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have uns…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-16537
|
2024-11-21 12:16 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264097
|
6.6 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system cr…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-16536
|
2024-11-21 12:16 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264098
|
6.6 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly h…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-16535
|
2024-11-21 12:16 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264099
|
6.8 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly hav…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-16534
|
2024-11-21 12:16 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264100
|
6.6 |
MEDIUM
Physics
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have uns…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-16533
|
2024-11-21 12:16 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
