|
256511
|
9.8 |
CRITICAL
Network
|
sam2p_project
|
sam2p
|
Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an invalid read of size 1 in the Image::Indexed::sortPal function in image.cpp. However, this also causes…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-14636
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256512
|
7.8 |
HIGH
Local
|
artifex
|
mupdf
|
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection st…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14687
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256513
|
7.8 |
HIGH
Local
|
artifex
|
mupdf
|
Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14686
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256514
|
7.8 |
HIGH
Local
|
artifex
|
mupdf
|
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection st…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14685
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256515
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagi…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-14684
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256516
|
8.8 |
HIGH
Network
|
imagemagick
|
imagemagick
|
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impa…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14682
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256517
|
5.5 |
MEDIUM
Local
|
p3scan_project
|
p3scan
|
The daemon in P3Scan 3.0_rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to t…
|
CWE-665
Improper Initialization
|
CVE-2017-14681
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256518
|
7.5 |
HIGH
Network
|
zkteco
|
zktime_web
|
ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document.
|
CWE-200
Information Exposure
|
CVE-2017-14680
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256519
|
9.8 |
CRITICAL
Network
|
tapatalk
|
tapatalk
|
SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the Tapatalk plugin before 4.5.8 for MyBB allows an unauthenticated remote attacker to inject arbitrary SQL commands via an XML-RPC enco…
|
CWE-89
SQL Injection
|
CVE-2017-14652
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256520
|
4.8 |
MEDIUM
Network
|
wso2
|
storage_server
message_broker
machine_learner
iot_server
identity_server
governance_registry
enterprise_mobility_manager
enterprise_integrator
data_services_server
dashboar…
|
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14651
|
2024-11-21 12:13 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
