|
256801
|
8.8 |
HIGH
Network
|
slims
|
akasia
|
SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_handler.php (tableName and tableFields parameters), admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php. It can be explo…
|
CWE-89
SQL Injection
|
CVE-2017-12585
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256802
|
8.8 |
HIGH
Network
|
slims
|
senayan_library_management_system
|
There is no CSRF mitigation in SLiMS 8 Akasia through 8.3.1. Also, an entire user profile (including the password) can be updated without sending the current password. This allows remote attackers to…
|
CWE-352
Origin Validation Error
|
CVE-2017-12584
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256803
|
6.1 |
MEDIUM
Network
|
dokuwiki
|
dokuwiki
|
DokuWiki through 2017-02-19b has XSS in the at parameter (aka the DATE_AT variable) to doku.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-12583
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256804
|
7.5 |
HIGH
Network
|
brother
|
dcp-j132w_firmware
|
Denial of Service vulnerability in Debut embedded httpd 1.20 in Brother DCP-J132W (and probably other DCP models) allows remote attackers to hang the printer (disrupting its network connection) by se…
|
NVD-CWE-noinfo
|
CVE-2017-12568
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256805
|
4.8 |
MEDIUM
Network
|
splunk
|
splunk
|
Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x before 6.4.6, and 6.3.x before 6.3.9 and Splunk Light before 6.5.2, with exploitation requiring administrat…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12572
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256806
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMVGImage in coders/mvg.c, which allows attackers to cause a denial of service, related to the function ReadSVGImage i…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-12566
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256807
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-12565
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256808
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-12564
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256809
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-12563
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256810
|
9.8 |
CRITICAL
Network
|
libsndfile_project
debian
|
libsndfile
debian_linux
|
Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unsp…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12562
|
2024-11-21 12:09 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
