|
253401
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-17725
|
2024-11-21 12:18 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253402
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to ca…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17724
|
2024-11-21 12:18 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253403
|
8.1 |
HIGH
Network
|
exiv2
|
exiv2
|
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial o…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17723
|
2024-11-21 12:18 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253404
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
|
CWE-617
Reachable Assertion
|
CVE-2017-17722
|
2024-11-21 12:18 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253405
|
9.8 |
CRITICAL
Network
|
quest
|
netvault_backup
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The …
|
CWE-89
SQL Injection
|
CVE-2017-17659
|
2024-11-21 12:18 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253406
|
9.8 |
CRITICAL
Network
|
quest
|
netvault_backup
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The …
|
CWE-89
SQL Injection
|
CVE-2017-17658
|
2024-11-21 12:18 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253407
|
9.8 |
CRITICAL
Network
|
quest
|
netvault_backup
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The …
|
CWE-89
SQL Injection
|
CVE-2017-17657
|
2024-11-21 12:18 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253408
|
9.8 |
CRITICAL
Network
|
quest
|
netvault_backup
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The …
|
CWE-89
SQL Injection
|
CVE-2017-17656
|
2024-11-21 12:18 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253409
|
9.8 |
CRITICAL
Network
|
quest
|
netvault_backup
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The …
|
CWE-89
SQL Injection
|
CVE-2017-17655
|
2024-11-21 12:18 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253410
|
9.8 |
CRITICAL
Network
|
quest
|
netvault_backup
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The …
|
CWE-89
SQL Injection
|
CVE-2017-17654
|
2024-11-21 12:18 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
