NVD List
Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
---|---|---|---|---|---|---|---|---|---|
83310 | CVE-2017-6370 | TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in cases with an https Referer, which allows remote attackers to obtain sensitive cleartext information by sniffing the network and reading the userident and username fields. | 2 | 5 | Medium | 2017-03-29 | 2017-03-27 | View | |
83309 | CVE-2017-6367 | In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. The attack methodology involves a long Host header and an invalid Content-Length header. | 2 | 5 | Medium | 2017-03-18 | 2017-03-16 | View | |
83308 | CVE-2017-6366 | Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the host_name parameter to dnslookup.cgi. NOTE: this issue can be combined with CVE-2017-6334 to execute arbitrary code remotely. | 2 | 6.8 | Medium | 2017-04-27 | 2017-03-29 | View | |
83307 | CVE-2017-6355 | Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (process crash) via crafted pkt_length and offlen values, which trigger an out-of-bounds access. | 2 | 2.1 | Low | 2017-07-18 | 2017-07-10 | View | |
83306 | CVE-2017-6353 | net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986. | 2 | 4.9 | Medium | 2017-03-18 | 2017-03-02 | View |
Page 1011 of 17672, showing 5 records out of 88360 total, starting on record 5051, ending on 5055