Skip to main content
CVE-2017-11113 HIGH POC This Week

In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Ncurses
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-11104 MEDIUM POC PATCH This Month

Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Authentication Bypass Knot Dns Debian Linux
NVD
CVSS 3.1
5.9
EPSS
2.0%
CVE-2017-11107 MEDIUM POC This Month

phpLDAPadmin through 1.2.3 has XSS in htdocs/entry_chooser.php via the form, element, rdn, or container parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Phpldapadmin Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2017-11108 HIGH This Week

tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Tcpdump
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2017-11111 HIGH This Week

In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Netwide Assembler Ubuntu Linux
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-11109 HIGH This Week

Vim 8.0 allows attackers to cause a denial of service (invalid free) or possibly have unspecified other impact via a crafted source (aka -S) file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free Vim
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-11110 HIGH This Week

The ole_init function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service (heap-based buffer underflow and application crash) or possibly have unspecified other impact via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Denial Of Service Catdoc
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-11112 HIGH This Week

In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ncurses
NVD
CVSS 3.0
7.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy