| Max CVSS | 9.3 | Min CVSS | 3.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-12154 | 3.6 |
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allow
|
12-02-2023 - 23:27 | 26-09-2017 - 05:29 | |
| CVE-2017-12883 | 6.4 |
Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular exp
|
15-07-2020 - 03:15 | 19-09-2017 - 18:29 | |
| CVE-2017-12153 | 4.9 |
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be i
|
09-10-2019 - 23:22 | 21-09-2017 - 15:29 | |
| CVE-2017-2299 | 5.0 |
Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the `ssl_ca` parameter but do not specify the `ssl_certs_dir` parameter, a default will be provided for the `s
|
03-10-2019 - 00:03 | 15-09-2017 - 18:29 | |
| CVE-2017-10784 | 9.3 |
The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted
|
31-10-2018 - 10:29 | 19-09-2017 - 17:29 | |
| CVE-2017-14340 | 4.9 |
The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors rel
|
07-12-2017 - 02:29 | 15-09-2017 - 11:29 | |
| CVE-2004-1916 | 7.5 |
Multiple buffer overflows in LCDProc 0.4.1, and possibly other 0.4.x versions up to 0.4.4, allows remote attackers to execute arbitrary code via (1) a long invalid command to parse_all_client_messages function, or (2) long argv command to test_func_f
|
11-07-2017 - 01:31 | 08-04-2004 - 04:00 | |
| CVE-2004-1915 | 7.5 |
Buffer overflow in the parse_all_client_messages function in LCDproc 0.4.x up to 0.4.4 allows remote attackers to execute arbitrary code via a large number of arguments.
|
11-07-2017 - 01:31 | 08-04-2004 - 04:00 | |
| CVE-2004-1917 | 7.5 |
Format string vulnerability in test_func_func in LCDProc 0.4.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the str variable.
|
11-07-2017 - 01:31 | 08-04-2004 - 04:00 |