|
249661
|
6.5 |
MEDIUM
Network
|
graphicsmagick
debian
|
graphicsmagick
debian_linux
|
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service vi…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-18219
|
2024-11-21 12:19 |
2018-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249662
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel before 4.13, local users can cause a denial of service (use-after-free and BUG) or possibly have unspecified other impact by lever…
|
CWE-416
Use After Free
|
CVE-2017-18218
|
2024-11-21 12:19 |
2018-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249663
|
6.1 |
MEDIUM
Network
|
invoiceplane
|
invoiceplane
|
An issue was discovered in InvoicePlane before 1.5.5. It was observed that the Email address and Web address parameters are vulnerable to Cross Site Scripting, related to application/modules/clients/…
|
CWE-79
Cross-site Scripting
|
CVE-2017-18217
|
2024-11-21 12:19 |
2018-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249664
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18216
|
2024-11-21 12:19 |
2018-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249665
|
9.8 |
CRITICAL
Network
|
xv_project
opensuse
|
xv
leap
|
xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-18215
|
2024-11-21 12:19 |
2018-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249666
|
7.5 |
HIGH
Network
|
momentjs
tenable
|
moment
nessus
|
The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-18214
|
2024-11-21 12:19 |
2018-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249667
|
7.2 |
HIGH
Network
|
exponentcms
|
exponent_cms
|
In Exponent CMS before 2.4.1 Patch #6, certain admin users can elevate their privileges.
|
NVD-CWE-noinfo
|
CVE-2017-18213
|
2024-11-21 12:19 |
2018-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249668
|
9.8 |
CRITICAL
Network
|
jerryscript
|
jerryscript
|
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function in lit/lit-char-helpers.c via a RegExp("[\x0"); payload.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18212
|
2024-11-21 12:19 |
2018-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249669
|
9.8 |
CRITICAL
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLK…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18211
|
2024-11-21 12:19 |
2018-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249670
|
9.8 |
CRITICAL
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18210
|
2024-11-21 12:19 |
2018-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
