|
255301
|
6.1 |
MEDIUM
Network
|
gazelle_project
|
gazelle
|
Multiple Cross-Site Scripting (XSS) were discovered in Gazelle before 2017-03-19. The vulnerabilities exist due to insufficient filtration of user-supplied data (torrents, size) passed to the 'Gazell…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7247
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255302
|
7.8 |
HIGH
Local
|
pcre
|
pcre
|
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unsp…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7246
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255303
|
7.8 |
HIGH
Local
|
pcre
|
pcre
|
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspec…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7245
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255304
|
5.5 |
MEDIUM
Local
|
pcre
|
pcre
|
The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7244
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255305
|
6.1 |
MEDIUM
Network
|
slims
|
slims7_cendana
|
Multiple Cross-Site Scripting (XSS) were discovered in admin/modules components in SLiMS 7 Cendana through 2017-03-23: the keywords parameter to bibliography/checkout_item.php, bibliography/dl_print.…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7242
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255306
|
7.8 |
HIGH
Local
|
tenable
|
nessus
|
Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local attacker to escalate privileges when the software is running in Agent Mode. Version 6.10.4 fixes this issu…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-7199
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255307
|
8.8 |
HIGH
Network
|
cloudflare-scrape_project
|
cloudflare-scrape
|
An issue was discovered in cloudflare-scrape 1.6.6 through 1.7.1. A malicious website owner could craft a page that executes arbitrary Python code against any cfscrape user who scrapes that website. …
|
CWE-20
Improper Input Validation
|
CVE-2017-7235
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255308
|
7.8 |
HIGH
Local
|
pngdefry_project
|
pngdefry
|
pngdefry through 2017-03-22 is prone to a heap-based buffer-overflow vulnerability because it fails to properly process a specially crafted png file. This issue affects the 'process()' function of th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7231
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255309
|
9.8 |
CRITICAL
Network
|
disksorter
|
disk_sorter
|
A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7230
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255310
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a nam…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7227
|
2024-11-21 12:31 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
