CVE-2017-14717
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter.
Source: CVE-2017-14717
[월:] 2017년 09월
CVE-2017-14716
CVE-2017-14716
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Title parameter.
Source: CVE-2017-14716
CVE-2017-14715
CVE-2017-14715
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Alerts Title parameter.
Source: CVE-2017-14715
CVE-2017-14694
CVE-2017-14694
Foxit Reader 8.3.2.25013 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at tiptsf!CPenInputPanel::FinalRelease+0x000000000000002f."
Source: CVE-2017-14694
CVE-2017-14706
CVE-2017-14706
DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken field in the reply. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12, i-Suite 5.6, Web Application Firewall 5.7, and Web Application Firewall 6.x before 6.4.1, with On Premises or AWS/Azure cloud deployments.
Source: CVE-2017-14706
CVE-2017-14705
CVE-2017-14705
DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by exploiting CVE-2017-14706. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12, i-Suite 5.6, Web Application Firewall 5.7, and Web Application Firewall 6.x before 6.4.1, with On Premises or AWS/Azure cloud deployments.
Source: CVE-2017-14705
CVE-2017-6267
CVE-2017-6267
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect initialization of internal objects can cause an infinite loop which may lead to a denial of service.
Source: CVE-2017-6267
CVE-2017-6271
CVE-2017-6271
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation while processing block linear information which may lead to a potential divide by zero and denial of service.
Source: CVE-2017-6271
CVE-2017-6269
CVE-2017-6269
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is used without validation which may lead to denial of service or possible escalation of privileges.
Source: CVE-2017-6269
CVE-2017-6272
CVE-2017-6272
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to a denial of service or possible escalation of privileges.
Source: CVE-2017-6272