|
251221
|
8.8 |
HIGH
Network
|
kildclient
debian
|
kildclient
debian_linux
|
KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a c…
|
CWE-74
Injection
|
CVE-2017-17511
|
2024-11-21 12:18 |
2017-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251222
|
7.5 |
HIGH
Network
|
pandasecurity
|
panda_global_protection
|
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c04 \\.\PSMEMDriver DeviceIoControl request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17684
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251223
|
7.5 |
HIGH
Network
|
pandasecurity
|
panda_global_protection
|
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c44 \\.\PSMEMDriver DeviceIoControl request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17683
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251224
|
6.5 |
MEDIUM
Network
|
imagemagick
debian
canonical
|
imagemagick
debian_linux
ubuntu_linux
|
In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-17682
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251225
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a cra…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-17681
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251226
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-17680
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251227
|
9.8 |
CRITICAL
Network
|
vbulletin
|
vbulletin
|
In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage o…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-17672
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251228
|
9.8 |
CRITICAL
Network
|
vbulletin
|
vbulletin
|
vBulletin through 5.3.x on Windows allows remote PHP code execution because a require_once call is reachable with an unauthenticated request that can include directory traversal sequences to specify …
|
CWE-22
Path Traversal
|
CVE-2017-17671
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251229
|
5.5 |
MEDIUM
Local
|
exiv2
canonical
debian
|
exiv2
ubuntu_linux
debian_linux
|
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17669
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251230
|
8.8 |
HIGH
Network
|
octopus
|
octopus_deploy
|
In Octopus Deploy before 4.1.3, the machine update process doesn't check that the user has access to all environments. This allows an access-control bypass because the set of environments to which a …
|
CWE-862
Missing Authorization
|
CVE-2017-17665
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
