|
259011
|
7.5 |
HIGH
Network
|
eapmd5pass_project
|
eapmd5pass
|
An out-of-bounds read flaw related to the assess_packet function in eapmd5pass.c:134 was found in the way eapmd5pass 1.4 handled processing of network packets. A remote attacker could potentially use…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11668
|
2024-11-21 12:08 |
2017-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259012
|
9.8 |
CRITICAL
Network
|
actian
|
pervasive_psql
zen
|
Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote attackers to execute arbitrary code via crafted traffic to TCP port 1583. The overflow occurs after Server-Client …
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2017-11757
|
2024-11-21 12:08 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259013
|
9.8 |
CRITICAL
Network
|
medhost
|
connex
|
MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer Mirth Connect management access. An attacker with knowledge of the hard-coded credential and the ability …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-11743
|
2024-11-21 12:08 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259014
|
5.5 |
MEDIUM
Local
|
libid3tag_project
|
libid3tag
|
The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (OOM) via a crafted MP3 file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11551
|
2024-11-21 12:08 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259015
|
7.0 |
HIGH
Local
|
earcms
|
ear_music
|
In Earcms Ear Music through 4.1 build 20170710, remote authenticated users can execute arbitrary PHP code by changing the allowable music-upload extensions to include .php in addition to .mp3 and .m4…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2017-11756
|
2024-11-21 12:08 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259016
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-11755
|
2024-11-21 12:08 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259017
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-11754
|
2024-11-21 12:08 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259018
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted Flexible Image Transp…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11753
|
2024-11-21 12:08 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259019
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-11752
|
2024-11-21 12:08 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259020
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-11751
|
2024-11-21 12:08 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
