|
256241
|
8.8 |
HIGH
Network
|
uclouvain
debian
|
openjpeg
debian_linux
|
An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14151
|
2024-11-21 12:12 |
2017-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256242
|
7.5 |
HIGH
Network
|
embedthis
|
goahead
|
GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the websDecodeUrl function in http.c, leading to a crash for a "POST / HTTP/1.1" request.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-14149
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256243
|
8.8 |
HIGH
Network
|
helpdezk
|
helpdezk
|
HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary PHP code by uploading a .php attachment and then requesting it in the helpdezk\app\uploads\helpdezk\attachments\ directory.
|
CWE-94
Code Injection
|
CVE-2017-14146
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256244
|
9.8 |
CRITICAL
Network
|
helpdezk
|
helpdezk
|
HelpDEZk 1.1.1 has SQL Injection in app\modules\admin\controllers\loginController.php via the admin/login/getWarningInfo/id/ PATH_INFO, related to the selectWarning function.
|
CWE-89
SQL Injection
|
CVE-2017-14145
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256245
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid ex…
|
CWE-200
Information Exposure
|
CVE-2017-14140
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256246
|
5.5 |
MEDIUM
Local
|
gnome
|
gedit
|
libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to cause a denial of service (CPU consumption) via a file that begins with many '\0' characters.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-14108
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256247
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-14139
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256248
|
9.8 |
CRITICAL
Network
|
imagemagick
|
imagemagick
|
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-14138
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256249
|
7.5 |
HIGH
Network
|
imagemagick
|
imagemagick
|
ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-14137
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256250
|
6.5 |
MEDIUM
Network
|
opencv
debian
|
opencv
debian_linux
|
OpenCV (Open Source Computer Vision Library) 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. NOTE: this vulnerability e…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-14136
|
2024-11-21 12:12 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
