|
198741
|
7.5 |
HIGH
Network
|
freeradius
debian
redhat
|
freeradius
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
enterprise_linux_ser…
|
An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-10978
|
2024-11-21 12:06 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198742
|
7.8 |
HIGH
Local
|
juniper
|
junos
|
An XML injection vulnerability in Junos OS CLI can allow a locally authenticated user to elevate privileges and run arbitrary commands as the root user. This issue was found during internal product s…
|
CWE-91
Blind XPath Injection
|
CVE-2017-10603
|
2024-11-21 12:06 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198743
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
On all vSRX and SRX Series devices, when the DHCP or DHCP relay is configured, specially crafted packet might cause the flowd process to crash, halting or interrupting traffic from flowing through th…
|
CWE-20
Improper Input Validation
|
CVE-2017-10605
|
2024-11-21 12:06 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198744
|
5.3 |
MEDIUM
Network
|
juniper
|
junos
|
When the device is configured to perform account lockout with a defined period of time, any unauthenticated user attempting to log in as root with an incorrect password can trigger a lockout of the r…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2017-10604
|
2024-11-21 12:06 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198745
|
7.8 |
HIGH
Local
|
juniper
|
junos
|
A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute code with root privileges. Affected releases are Jun…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-10602
|
2024-11-21 12:06 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198746
|
9.8 |
CRITICAL
Network
|
juniper
|
junos
|
A specific device configuration can result in a commit failure condition. When this occurs, a user is logged in without being prompted for a password while trying to login through console, ssh, ftp, …
|
CWE-287
Improper Authentication
|
CVE-2017-10601
|
2024-11-21 12:06 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198747
|
5.9 |
MEDIUM
Local
|
canonical
|
ubuntu-image
|
ubuntu-image 1.0 before 2017-07-07, when invoked as non-root, creates files in the resulting image with the uid of the invoking user. When the resulting image is booted, a local attacker with the sam…
|
CWE-384
Session Fixation
|
CVE-2017-10600
|
2024-11-21 12:06 |
2017-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198748
|
5.5 |
MEDIUM
Local
|
imagemagick
|
imagemagick
|
The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-10995
|
2024-11-21 12:06 |
2017-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198749
|
7.3 |
HIGH
Local
|
foxitsoftware
|
foxit_reader
phantompdf
|
Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability, which allows remote attackers to execute arbitrary code via a crafted document.
|
CWE-123
Write-what-where Condition
|
CVE-2017-10994
|
2024-11-21 12:06 |
2017-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198750
|
6.1 |
MEDIUM
Network
|
wp-statistics
|
wp_statistics
|
The WP Statistics plugin through 12.0.9 for WordPress has XSS in the rangestart and rangeend parameters on the wps_referrers_page page.
|
CWE-79
Cross-site Scripting
|
CVE-2017-10991
|
2024-11-21 12:06 |
2017-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
