CVE-2017-6804 (wp_markdown_editor)
A Stored XSS Vulnerability exists in the WP Markdown Editor (aka wp-markdown-editor) plugin 2.0.3 for WordPress. An example attack vector is a crafted IMG element in Add New Post or Edit Post.
[월:] 2017년 03월
CVE-2017-6799 (mantisbt)
CVE-2017-6799 (mantisbt)
A cross-site scripting (XSS) vulnerability in view_filters_page.php in MantisBT before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the ‘view_type’ parameter.
Source: CVE-2017-6799 (mantisbt)
CVE-2017-2787
CVE-2017-2787
A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit.
Source: CVE-2017-2787
CVE-2017-5859
CVE-2017-5859
On Cambium Networks cnPilot R200/201 devices before 4.3, there is a vulnerability involving the certificate of the device and its RSA keys, aka RBN-183.
Source: CVE-2017-5859
CVE-2017-6427
CVE-2017-6427
A Buffer Overflow was discovered in EvoStream Media Server 1.7.1. A crafted HTTP request with a malicious header will cause a crash. An example attack methodology may include a long message-body in a GET request.
Source: CVE-2017-6427
CVE-2017-2785
CVE-2017-2785
An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to a heap based buffer overflow resulting in remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit.
Source: CVE-2017-2785
CVE-2017-2786
CVE-2017-2786
A denial of service vulnerability exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to an out of bounds read causing a crash and a denial of service.
Source: CVE-2017-2786
CVE-2016-8714
CVE-2016-8714
An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this vulnerability.
Source: CVE-2016-8714
CVE-2017-6596
CVE-2017-6596
partclone.chkimg in partclone 0.2.89 is prone to a heap-based buffer overflow vulnerability due to insufficient validation of the partclone image header. An attacker may be able to launch a ‘Denial of Service attack’ in the context of the user running the affected application.
Source: CVE-2017-6596
CVE-2017-2788
CVE-2017-2788
A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit.
Source: CVE-2017-2788