|
256831
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted RL2 file, which claims a large "…
|
CWE-834
Excessive Iteration
|
CVE-2017-14056
|
2024-11-21 12:12 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256832
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted MV file, which claims a large "…
|
CWE-834
Excessive Iteration
|
CVE-2017-14055
|
2024-11-21 12:12 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256833
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted IVR file, which claims a large "len" fiel…
|
CWE-834
Excessive Iteration
|
CVE-2017-14054
|
2024-11-21 12:12 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256834
|
4.4 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corru…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-14051
|
2024-11-21 12:12 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256835
|
8.8 |
HIGH
Network
|
blackcat-cms
|
blackcat_cms
|
In BlackCat CMS 1.2, backend/addons/install.php allows remote authenticated users to execute arbitrary PHP code via a ZIP archive that contains a .php file.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2017-14050
|
2024-11-21 12:12 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256836
|
5.4 |
MEDIUM
Network
|
blackcat-cms
|
blackcat_cms
|
In BlackCat CMS 1.2, backend/settings/ajax_save_settings.php allows remote authenticated users to conduct XSS attacks via the Website header or Website footer field.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14049
|
2024-11-21 12:12 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256837
|
8.8 |
HIGH
Network
|
blackcat-cms
|
blackcat_cms
|
BlackCat CMS 1.2 allows remote authenticated users to inject arbitrary PHP code into info.php via a crafted new_modulename parameter to backend/addons/ajax_create.php. NOTE: this can be exploited via…
|
CWE-352
Origin Validation Error
|
CVE-2017-14048
|
2024-11-21 12:12 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256838
|
6.5 |
MEDIUM
Network
|
graphicsmagick
|
graphicsmagick
|
A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14042
|
2024-11-21 12:12 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256839
|
8.8 |
HIGH
Network
|
uclouvain
debian
|
openjpeg
debian_linux
|
A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of ser…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-14041
|
2024-11-21 12:12 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256840
|
8.8 |
HIGH
Network
|
uclouvain
debian
|
openjpeg
debian_linux
|
An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspec…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-14040
|
2024-11-21 12:12 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
