|
251641
|
8.8 |
HIGH
Network
|
lilypond
|
lilypond
|
lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-inje…
|
CWE-74
Injection
|
CVE-2017-17523
|
2024-11-21 12:18 |
2017-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251642
|
8.8 |
HIGH
Network
|
sensible-utils_project
|
sensible-utils
|
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argumen…
|
CWE-74
Injection
|
CVE-2017-17512
|
2024-11-21 12:18 |
2017-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251643
|
8.8 |
HIGH
Network
|
hdfgroup
|
hdf5
|
In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-17509
|
2024-11-21 12:18 |
2017-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251644
|
6.5 |
MEDIUM
Network
|
hdfgroup
|
hdf5
|
In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
|
CWE-369
Divide By Zero
|
CVE-2017-17508
|
2024-11-21 12:18 |
2017-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251645
|
6.5 |
MEDIUM
Network
|
hdfgroup
|
hdf5
|
In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5T_conv_struct_opt in H5Tconv.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17507
|
2024-11-21 12:18 |
2017-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251646
|
6.5 |
MEDIUM
Network
|
hdfgroup
|
hdf5
|
In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17506
|
2024-11-21 12:18 |
2017-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251647
|
6.5 |
MEDIUM
Network
|
hdfgroup
|
hdf5
|
In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-17505
|
2024-11-21 12:18 |
2017-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251648
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
debian
|
imagemagick
ubuntu_linux
debian_linux
|
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17504
|
2024-11-21 12:18 |
2017-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251649
|
8.8 |
HIGH
Network
|
graphicsmagick
debian
|
graphicsmagick
debian_linux
|
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17503
|
2024-11-21 12:18 |
2017-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251650
|
8.8 |
HIGH
Network
|
graphicsmagick
debian
|
graphicsmagick
debian_linux
|
ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17502
|
2024-11-21 12:18 |
2017-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
