|
255271
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-11525
|
2024-11-21 12:07 |
2017-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255272
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a c…
|
CWE-617
Reachable Assertion
|
CVE-2017-11524
|
2024-11-21 12:07 |
2017-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255273
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the e…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-11523
|
2024-11-21 12:07 |
2017-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255274
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-11522
|
2024-11-21 12:07 |
2017-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255275
|
7.5 |
HIGH
Network
|
resiprocate
debian
|
resiprocate
debian_linux
|
The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote attackers to cause a denial of service (memory consumption) by triggering many medi…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-11521
|
2024-11-21 12:07 |
2017-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255276
|
9.8 |
CRITICAL
Network
|
tp-link
|
archer_c9_\(2.0\)_firmware
|
passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an attacker to reset the admin password by leveraging a predictable random number generator seed. This is fixed in C9(UN)_V2_170511.
|
CWE-335
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
|
CVE-2017-11519
|
2024-11-21 12:07 |
2017-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255277
|
9.8 |
CRITICAL
Network
|
geutebrueck
|
gcore
|
Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11517
|
2024-11-21 12:07 |
2017-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255278
|
6.1 |
MEDIUM
Network
|
yiiframework
|
yii
|
An XSS vulnerability exists in framework/views/errorHandler/exception.php in Yii Framework 2.0.12 affecting the exception screen when debug mode is enabled, because $exception->errorInfo is mishandle…
|
CWE-79
Cross-site Scripting
|
CVE-2017-11516
|
2024-11-21 12:07 |
2017-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255279
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malform…
|
CWE-834
Excessive Iteration
|
CVE-2017-11505
|
2024-11-21 12:07 |
2017-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255280
|
6.1 |
MEDIUM
Network
|
phpmailer_project
|
phpmailer
|
PHPMailer 5.2.23 has XSS in the "From Email Address" and "To Email Address" fields of code_generator.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-11503
|
2024-11-21 12:07 |
2017-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
