|
255521
|
5.9 |
MEDIUM
Network
|
simplesamlphp
|
simplesamlphp
|
The aesEncrypt method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.x through 1.14.11 makes it easier for context-dependent attackers to bypass the encryption protection mechanism by lever…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-12871
|
2024-11-21 12:10 |
2017-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255522
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-12693
|
2024-11-21 12:10 |
2017-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255523
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-12692
|
2024-11-21 12:10 |
2017-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255524
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-12691
|
2024-11-21 12:10 |
2017-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255525
|
5.9 |
MEDIUM
Network
|
simplesamlphp
|
simplesamlphp
|
SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and aesDecrypt methods in the SimpleSAML/Utils/Cry…
|
CWE-200
Information Exposure
|
CVE-2017-12870
|
2024-11-21 12:10 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255526
|
7.5 |
HIGH
Network
|
simplesamlphp
debian
|
simplesamlphp
debian_linux
|
The multiauth module in SimpleSAMLphp 1.14.13 and earlier allows remote attackers to bypass authentication context restrictions and use an authentication source defined in config/authsources.php via …
|
CWE-20
Improper Input Validation
|
CVE-2017-12869
|
2024-11-21 12:10 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255527
|
9.8 |
CRITICAL
Network
|
simplesamlphp
|
simplesamlphp
|
The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypas…
|
CWE-384
Session Fixation
|
CVE-2017-12868
|
2024-11-21 12:10 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255528
|
7.4 |
HIGH
Network
|
siemens
|
logo\!_8_bm_firmware
|
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). An attacker who performs a Man-in-the-Middle attack between the LOGO! BM and other devices could poten…
|
-
|
CVE-2017-12735
|
2024-11-21 12:10 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255529
|
7.5 |
HIGH
Network
|
siemens
|
logo\!8_bm_fs-05_firmware
|
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V1.81.2). An attacker with network access to the integrated web server on port 80/tcp could obtain the sessio…
|
-
|
CVE-2017-12734
|
2024-11-21 12:10 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255530
|
7.8 |
HIGH
Local
|
advantech
|
webaccess
|
An Uncontrolled Search Path Element issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A maliciously crafted dll file placed earlier in the search path may allow an attacker…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2017-12717
|
2024-11-21 12:10 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
