|
255931
|
7.5 |
HIGH
Network
|
php
|
php
|
In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variable…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-11142
|
2024-11-21 12:07 |
2017-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255932
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageEx…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-11141
|
2024-11-21 12:07 |
2017-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255933
|
5.5 |
MEDIUM
Local
|
graphicsmagick
|
graphicsmagick
|
The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource…
|
CWE-400
CWE-755
Uncontrolled Resource Consumption
Improper Handling of Exceptional Conditions
|
CVE-2017-11140
|
2024-11-21 12:07 |
2017-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255934
|
9.8 |
CRITICAL
Network
|
graphicsmagick
debian
|
graphicsmagick
debian_linux
|
GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c.
|
CWE-415
Double Free
|
CVE-2017-11139
|
2024-11-21 12:07 |
2017-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255935
|
5.5 |
MEDIUM
Local
|
mpg123
|
mpg123
|
The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11126
|
2024-11-21 12:07 |
2017-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255936
|
9.8 |
CRITICAL
Network
|
xar_project
|
xar
|
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-11125
|
2024-11-21 12:07 |
2017-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255937
|
9.8 |
CRITICAL
Network
|
xar_project
|
xar
|
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-11124
|
2024-11-21 12:07 |
2017-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255938
|
7.5 |
HIGH
Network
|
gnu
|
ncurses
|
In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to …
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-11113
|
2024-11-21 12:07 |
2017-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255939
|
7.5 |
HIGH
Network
|
gnu
|
ncurses
|
In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is u…
|
CWE-20
Improper Input Validation
|
CVE-2017-11112
|
2024-11-21 12:07 |
2017-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255940
|
7.8 |
HIGH
Local
|
nasm
canonical
|
netwide_assembler
ubuntu_linux
|
In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11111
|
2024-11-21 12:07 |
2017-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
