|
255351
|
7.8 |
HIGH
Local
|
asuswrt-merlin_project
|
rt-ac5300_firmware
rt_ac1900p_firmware
rt-ac68u_firmware
rt-ac68p_firmware
rt-ac88u_firmware
rt-ac66u_firmware
rt-ac66u_b1_firmware
rt-ac58u_firmware
rt-ac56u_firmware
rt-a…
|
Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11344
|
2024-11-21 12:07 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255352
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-11338
|
2024-11-21 12:07 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255353
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
There is an invalid free in the Action::TaskFactory::cleanup function of actions.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.
|
CWE-416
Use After Free
|
CVE-2017-11337
|
2024-11-21 12:07 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255354
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11336
|
2024-11-21 12:07 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255355
|
8.8 |
HIGH
Network
|
libtiff
|
libtiff
|
There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode fu…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-11335
|
2024-11-21 12:07 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255356
|
9.8 |
CRITICAL
Network
|
glpi-project
|
glpi
|
GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entity_restrict parameter that is not a list of integers.
|
CWE-89
SQL Injection
|
CVE-2017-11329
|
2024-11-21 12:07 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255357
|
5.5 |
MEDIUM
Local
|
virustotal
|
yara
|
Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11328
|
2024-11-21 12:07 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255358
|
8.1 |
HIGH
Network
|
cobiansoft
|
cobian_backup
|
Cobian Backup 11 client allows man-in-the-middle attackers to add and execute new backup tasks when the master server is spoofed. In addition, the attacker can execute system commands remotely by abu…
|
CWE-78
OS Command
|
CVE-2017-11318
|
2024-11-21 12:07 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255359
|
7.8 |
HIGH
Local
|
openmpt
|
libopenmpt
openmpt
|
soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that trigge…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11311
|
2024-11-21 12:07 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255360
|
8.8 |
HIGH
Network
|
imagemagick
|
imagemagick
|
The read_user_chunk_callback function in coders\png.c in ImageMagick 7.0.6-1 Q16 2017-06-21 (beta) has memory leak vulnerabilities via crafted PNG files.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-11310
|
2024-11-21 12:07 |
2017-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
