| 254801 | 6.5 | MEDIUM Network | graphicsmagick | graphicsmagick | The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote den… | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2017-14165 | 2024-11-21 12:12 | 2017-09-7 |
| 254802 | 8.8 | HIGH Network | uclouvain | openjpeg | A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-b… | CWE-119 CWE-787 Incorrect Access of Indexable Resource ('Range Error') Out-of-bounds Write | CVE-2017-14164 | 2024-11-21 12:12 | 2017-09-7 |
| 254803 | 4.7 | MEDIUM Local | openldap oracle | openldap blockchain_platform | slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-roo… | CWE-665 Improper Initialization | CVE-2017-14159 | 2024-11-21 12:12 | 2017-09-6 |
| 254804 | 7.5 | HIGH Network | scrapy | scrapy | Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files … | CWE-400 Uncontrolled Resource Consumption | CVE-2017-14158 | 2024-11-21 12:12 | 2017-09-6 |
| 254805 | 5.5 | MEDIUM Local | linux | linux_kernel | The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive informa… | CWE-200 Information Exposure | CVE-2017-14156 | 2024-11-21 12:12 | 2017-09-6 |
| 254806 | 8.8 | HIGH Network | uclouvain debian | openjpeg debian_linux | A mishandled zero case was discovered in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of serv… | CWE-787 Out-of-bounds Write | CVE-2017-14152 | 2024-11-21 12:12 | 2017-09-6 |
| 254807 | 8.8 | HIGH Network | uclouvain debian | openjpeg debian_linux | An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of … | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2017-14151 | 2024-11-21 12:12 | 2017-09-6 |
| 254808 | 7.5 | HIGH Network | embedthis | goahead | GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the websDecodeUrl function in http.c, leading to a crash for a "POST / HTTP/1.1" request. | CWE-476 NULL Pointer Dereference | CVE-2017-14149 | 2024-11-21 12:12 | 2017-09-5 |
| 254809 | 8.8 | HIGH Network | helpdezk | helpdezk | HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary PHP code by uploading a .php attachment and then requesting it in the helpdezk\app\uploads\helpdezk\attachments\ directory. | CWE-94 Code Injection | CVE-2017-14146 | 2024-11-21 12:12 | 2017-09-5 |
| 254810 | 9.8 | CRITICAL Network | helpdezk | helpdezk | HelpDEZk 1.1.1 has SQL Injection in app\modules\admin\controllers\loginController.php via the admin/login/getWarningInfo/id/ PATH_INFO, related to the selectWarning function. | CWE-89 SQL Injection | CVE-2017-14145 | 2024-11-21 12:12 | 2017-09-5 |