|
258731
|
8.8 |
HIGH
Network
|
imagemagick
|
imagemagick
|
The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-11170
|
2024-11-21 12:07 |
2017-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258732
|
7.5 |
HIGH
Network
|
pcre
|
pcre
|
In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.
|
CWE-674
Uncontrolled Recursion
|
CVE-2017-11164
|
2024-11-21 12:07 |
2017-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258733
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the heade…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-11166
|
2024-11-21 12:07 |
2017-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258734
|
5.4 |
MEDIUM
Network
|
cacti
|
cacti
|
Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti 1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, r…
|
CWE-79
Cross-site Scripting
|
CVE-2017-11163
|
2024-11-21 12:07 |
2017-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258735
|
9.1 |
CRITICAL
Network
|
php
netapp
|
php
clustered_data_ontap
|
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11147
|
2024-11-21 12:07 |
2017-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258736
|
7.5 |
HIGH
Network
|
php
|
php
|
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak informat…
|
CWE-200
Information Exposure
|
CVE-2017-11145
|
2024-11-21 12:07 |
2017-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258737
|
7.5 |
HIGH
Network
|
php
|
php
|
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of …
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2017-11144
|
2024-11-21 12:07 |
2017-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258738
|
7.5 |
HIGH
Network
|
php
|
php
|
In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an i…
|
CWE-416
CWE-502
Use After Free
Deserialization of Untrusted Data
|
CVE-2017-11143
|
2024-11-21 12:07 |
2017-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258739
|
7.5 |
HIGH
Network
|
php
|
php
|
In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variable…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-11142
|
2024-11-21 12:07 |
2017-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258740
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageEx…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-11141
|
2024-11-21 12:07 |
2017-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
