|
247321
|
5.5 |
MEDIUM
Local
|
entropymine
|
imageworsener
|
The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-7624
|
2024-11-21 12:32 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247322
|
5.5 |
MEDIUM
Local
|
entropymine
|
imageworsener
|
The iwmiffr_convert_row32 function in imagew-miff.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7623
|
2024-11-21 12:32 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247323
|
8.8 |
HIGH
Network
|
deepin
|
deepin_desktop_environment
|
dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 through 15.3, runs with root privileges and hardly does anything to identify the user who calls the function through D-Bus. Any…
|
CWE-862
Missing Authorization
|
CVE-2017-7622
|
2024-11-21 12:32 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247324
|
7.5 |
HIGH
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, Modula…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-7619
|
2024-11-21 12:32 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247325
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-7618
|
2024-11-21 12:32 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247326
|
8.8 |
HIGH
Network
|
digium
|
asterisk
certified_asterisk
|
Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, re…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7617
|
2024-11-21 12:32 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247327
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stac…
|
CWE-388
7PK - Errors
|
CVE-2017-7616
|
2024-11-21 12:32 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247328
|
9.8 |
CRITICAL
Network
|
gnu
|
binutils
|
elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote a…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-7614
|
2024-11-21 12:32 |
2017-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247329
|
5.5 |
MEDIUM
Local
|
elfutils_project
debian
canonical
|
elfutils
debian_linux
ubuntu_linux
|
elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
|
CWE-20
Improper Input Validation
|
CVE-2017-7613
|
2024-11-21 12:32 |
2017-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247330
|
5.5 |
MEDIUM
Local
|
elfutils_project
debian
canonical
|
elfutils
debian_linux
ubuntu_linux
|
The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7612
|
2024-11-21 12:32 |
2017-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
