|
256671
|
6.5 |
MEDIUM
Network
|
graphicsmagick
debian
|
graphicsmagick
debian_linux
|
GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the r…
|
NVD-CWE-noinfo
|
CVE-2017-13775
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256672
|
7.8 |
HIGH
Local
|
hikvision
|
ivms-4200
|
Hikvision iVMS-4200 devices before v2.6.2.7 allow local users to generate password-recovery codes via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2017-13774
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256673
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
debian
|
imagemagick
ubuntu_linux
debian_linux
|
The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13769
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256674
|
6.5 |
MEDIUM
Network
|
imagemagick
debian
canonical
|
imagemagick
debian_linux
ubuntu_linux
|
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-13768
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256675
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation.
|
CWE-20
CWE-835
Improper Input Validation
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-13767
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256676
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-13766
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256677
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validat…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13765
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256678
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length validation.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-13764
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256679
|
7.5 |
HIGH
Network
|
onosproject
|
onos
|
ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated. The Netty payload size is not limited.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-13763
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256680
|
6.1 |
MEDIUM
Network
|
onosproject
|
onos
|
ONOS versions 1.8.0, 1.9.0, and 1.10.0 are vulnerable to XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2017-13762
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
