NVD List

Id Name Description Reject CVSS Version CVSS Score Severity Pub Date Modified Date Actions
83310  CVE-2017-6370  TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in cases with an https Referer, which allows remote attackers to obtain sensitive cleartext information by sniffing the network and reading the userident and username fields.    Medium  2017-03-29  2017-03-27  View
83309  CVE-2017-6367  In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. The attack methodology involves a long Host header and an invalid Content-Length header.    Medium  2017-03-18  2017-03-16  View
83308  CVE-2017-6366  Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the host_name parameter to dnslookup.cgi. NOTE: this issue can be combined with CVE-2017-6334 to execute arbitrary code remotely.    6.8  Medium  2017-04-27  2017-03-29  View
83307  CVE-2017-6355  Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access.    2.1  Low  2017-07-18  2017-07-10  View
83306  CVE-2017-6353  net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986.    4.9  Medium  2017-03-18  2017-03-02  View

Page 1011 of 17672, showing 5 records out of 88360 total, starting on record 5051, ending on 5055

Actions