|
253361
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
_bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory …
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-15225
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253362
|
5.4 |
MEDIUM
Network
|
dotcms
|
dotcms
|
The dotCMS 4.1.1 application is vulnerable to Stored Cross-Site Scripting (XSS) affecting a vanity-urls Title field, a containers Description field, and a templates Description field.
|
CWE-79
Cross-site Scripting
|
CVE-2017-15219
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253363
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-15193
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253364
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have th…
|
NVD-CWE-noinfo
|
CVE-2017-15192
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253365
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2017-15191
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253366
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp.c by correcting the scope of a variable.
|
NVD-CWE-noinfo
|
CVE-2017-15190
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253367
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by adding decrements.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-15189
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253368
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-15218
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253369
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-15217
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253370
|
6.1 |
MEDIUM
Network
|
misp-project
|
misp
|
MISP before 2.4.81 has a potential reflected XSS in a quickDelete action that is used to delete a sighting, related to app/View/Sightings/ajax/quickDeleteConfirmationForm.ctp and app/webroot/js/misp.…
|
CWE-79
Cross-site Scripting
|
CVE-2017-15216
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
