|
253051
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-15218
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253052
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-15217
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253053
|
6.1 |
MEDIUM
Network
|
misp-project
|
misp
|
MISP before 2.4.81 has a potential reflected XSS in a quickDelete action that is used to delete a sighting, related to app/View/Sightings/ajax/quickDeleteConfirmationForm.ctp and app/webroot/js/misp.…
|
CWE-79
Cross-site Scripting
|
CVE-2017-15216
|
2024-11-21 12:14 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253054
|
5.0 |
MEDIUM
Local
|
libmp3splt_project
|
libmp3splt
|
plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbis_block_clear function with uninitialized data upon detection of invalid input, which allows remote attackers to cause a denial of service (…
|
CWE-20
Improper Input Validation
|
CVE-2017-15185
|
2024-11-21 12:14 |
2017-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253055
|
6.5 |
MEDIUM
Network
|
rapid7
|
metasploit
|
The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22.
|
CWE-352
Origin Validation Error
|
CVE-2017-15084
|
2024-11-21 12:14 |
2017-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253056
|
7.5 |
HIGH
Network
|
wpmudev
|
smush_image_compression_and_optimization
|
The Smush Image Compression and Optimization plugin before 2.7.6 for WordPress allows directory traversal.
|
CWE-22
Path Traversal
|
CVE-2017-15079
|
2024-11-21 12:14 |
2017-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253057
|
8.8 |
HIGH
Network
|
intelliants
|
subrion
|
There are CSRF vulnerabilities in Subrion CMS 4.1.x through 4.1.5, and before 4.2.0, because of a logic error. Although there is functionality to detect CSRF, it is called too late in the ia.core.php…
|
CWE-352
Origin Validation Error
|
CVE-2017-15063
|
2024-11-21 12:14 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253058
|
7.8 |
HIGH
Local
|
upx_project
|
upx
|
p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted binary file, as…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-15056
|
2024-11-21 12:14 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253059
|
9.8 |
CRITICAL
Network
|
redislabs
|
redis
|
The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15047
|
2024-11-21 12:14 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253060
|
5.5 |
MEDIUM
Local
|
lame_project
|
lame
|
LAME 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98 and 3.97 have a stack-based buffer overflow in unpack_read_samples in frontend/get_audio.c, a different vulnerability than CVE-2017-9412.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15046
|
2024-11-21 12:14 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
