|
259271
|
8.8 |
HIGH
Network
|
opencv
debian
|
opencv
debian_linux
|
OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-12597
|
2024-11-21 12:09 |
2017-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259272
|
7.8 |
HIGH
Local
|
openexr
|
openexr
|
In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly uns…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-12596
|
2024-11-21 12:09 |
2017-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259273
|
9.8 |
CRITICAL
Network
|
rsyslog
|
rsyslog
|
The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2017-12588
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259274
|
8.8 |
HIGH
Network
|
imagemagick
|
imagemagick
|
ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c.
|
CWE-834
Excessive Iteration
|
CVE-2017-12587
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259275
|
7.8 |
HIGH
Local
|
sandboxie
|
sandboxie_installer
|
Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan horse dwmapi.dll or profapi.dll file in an AppData\Local\Temp directory.
|
CWE-426
Untrusted Search Path
|
CVE-2017-12480
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259276
|
6.5 |
MEDIUM
Network
|
slims
|
akasia
|
SLiMS 8 Akasia through 8.3.1 has an arbitrary file reading issue because of directory traversal in the url parameter to admin/help.php. It can be exploited by remote authenticated librarian users.
|
CWE-22
Path Traversal
|
CVE-2017-12586
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259277
|
8.8 |
HIGH
Network
|
slims
|
akasia
|
SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_handler.php (tableName and tableFields parameters), admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php. It can be explo…
|
CWE-89
SQL Injection
|
CVE-2017-12585
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259278
|
8.8 |
HIGH
Network
|
slims
|
senayan_library_management_system
|
There is no CSRF mitigation in SLiMS 8 Akasia through 8.3.1. Also, an entire user profile (including the password) can be updated without sending the current password. This allows remote attackers to…
|
CWE-352
Origin Validation Error
|
CVE-2017-12584
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259279
|
6.1 |
MEDIUM
Network
|
dokuwiki
|
dokuwiki
|
DokuWiki through 2017-02-19b has XSS in the at parameter (aka the DATE_AT variable) to doku.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-12583
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259280
|
7.5 |
HIGH
Network
|
brother
|
dcp-j132w_firmware
|
Denial of Service vulnerability in Debut embedded httpd 1.20 in Brother DCP-J132W (and probably other DCP models) allows remote attackers to hang the printer (disrupting its network connection) by se…
|
NVD-CWE-noinfo
|
CVE-2017-12568
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
