Launchpad.net

Launchpad CVE tracker

Find CVEs by number or keywords:
Show all registered CVEs

Recently updated CVEs

CVE-2017-7242 (Candidate)
Multiple Cross-Site Scripting (XSS) were discovered in admin/modules components in SLiMS 7 Cendana through 2017-03-23: the keywords parameter to bibliography/checkout_item.php, bibliography/dl_print.php, bibliography/item.php, bibliography/item_barcode_generator.php, bibliography/printed_card.php, circulation/loan_rules.php, master_file/author.php, master_file/coll_type.php, and master_file/doc_language.php and the quickReturnID field to circulation/ajax_action.php.
Created on 2017-03-24 and modified 1 hour ago.

CVE-2017-7244 (Candidate)
The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.
Created on 2017-03-24 and modified 1 hour ago.

CVE-2017-7245 (Candidate)
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.
Created on 2017-03-24 and modified 1 hour ago.

CVE-2017-7246 (Candidate)
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.
Created on 2017-03-24 and modified 1 hour ago.

CVE-2017-7247 (Candidate)
Multiple Cross-Site Scripting (XSS) were discovered in Gazelle before 2017-03-19. The vulnerabilities exist due to insufficient filtration of user-supplied data (torrents, size) passed to the 'Gazelle-master/sections/tools/managers/multiple_freeleech.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
Created on 2017-03-24 and modified 1 hour ago.

Launchpad includes full support for the CVE framework. We update the Launchpad CVE database daily to ensure it includes details of all known vulnerabilities.