|
255121
|
9.8 |
CRITICAL
Network
|
graphicsmagick
|
graphicsmagick
|
GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11643
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255122
|
8.8 |
HIGH
Network
|
graphicsmagick
|
graphicsmagick
|
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-11642
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255123
|
9.8 |
CRITICAL
Network
|
graphicsmagick
|
graphicsmagick
|
GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-11641
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255124
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11640
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255125
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in Mag…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11639
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255126
|
8.8 |
HIGH
Network
|
graphicsmagick
|
graphicsmagick
|
GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642.
|
CWE-20
Improper Input Validation
|
CVE-2017-11638
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255127
|
9.8 |
CRITICAL
Network
|
graphicsmagick
|
graphicsmagick
|
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-11637
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255128
|
9.8 |
CRITICAL
Network
|
graphicsmagick
|
graphicsmagick
|
GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11636
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255129
|
9.8 |
CRITICAL
Network
|
fiyo
|
fiyo_cms
|
dapur/app/app_user/controller/status.php in Fiyo CMS 2.0.7 has SQL injection via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2017-11631
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255130
|
7.5 |
HIGH
Network
|
fiyo
|
fiyo_cms
|
dapur\apps\app_config\controller\backuper.php in Fiyo CMS 2.0.7 allows remote attackers to delete arbitrary files via directory traversal sequences in the file parameter in a type=database request, a…
|
CWE-22
Path Traversal
|
CVE-2017-11630
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
