CVE-2017-1002008

Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.

Source: CVE-2017-1002008

CVE-2017-1002012

Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, In image-gallery-with-slideshow/admin_setting.php the following snippet of code does not sanitize input via the gid variable before passing it into an SQL statement.

Source: CVE-2017-1002012

CVE-2017-1002016

Vulnerability in wordpress plugin flickr-picture-backup v0.7, The code in flickr-picture-download.php doesn’t check to see if the user is authenticated or that they have permission to upload files.

Source: CVE-2017-1002016

CVE-2017-13725 (tcpdump)

The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().

Source: CVE-2017-13725 (tcpdump)

CVE-2017-13053 (tcpdump)

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().

Source: CVE-2017-13053 (tcpdump)

CVE-2017-13689 (tcpdump)

The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().

Source: CVE-2017-13689 (tcpdump)

CVE-2017-13052 (tcpdump)

The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().

Source: CVE-2017-13052 (tcpdump)

CVE-2017-13055 (tcpdump)

The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().

Source: CVE-2017-13055 (tcpdump)

CVE-2017-13051 (tcpdump)

The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

Source: CVE-2017-13051 (tcpdump)

CVE-2017-13050 (tcpdump)

The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().

Source: CVE-2017-13050 (tcpdump)