|
257441
|
6.5 |
MEDIUM
Network
|
libtiff
|
libtiff
|
There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of servic…
|
CWE-617
Reachable Assertion
|
CVE-2017-13727
|
2024-11-21 12:11 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257442
|
6.5 |
MEDIUM
Network
|
libtiff
|
libtiff
|
There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service atta…
|
CWE-617
Reachable Assertion
|
CVE-2017-13726
|
2024-11-21 12:11 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257443
|
5.5 |
MEDIUM
Local
|
sqlite
|
sqlite
|
The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file.
|
CWE-20
Improper Input Validation
|
CVE-2017-13685
|
2024-11-21 12:11 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257444
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does not ensure that n_proto, ip_proto, and thoff are initialized, which allows remote attackers to cause a…
|
CWE-665
Improper Initialization
|
CVE-2017-13715
|
2024-11-21 12:11 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257445
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application cr…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-13716
|
2024-11-21 12:11 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257446
|
7.5 |
HIGH
Network
|
lame_project
|
lame
|
NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-13712
|
2024-11-21 12:11 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257447
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer der…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-13710
|
2024-11-21 12:11 |
2017-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257448
|
7.5 |
HIGH
Network
|
flightgear
|
flightgear
|
In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree.
|
CWE-20
Improper Input Validation
|
CVE-2017-13709
|
2024-11-21 12:11 |
2017-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257449
|
9.8 |
CRITICAL
Network
|
axcient
|
replibit
|
Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers to gain root privileges via sudo command execution. The vi program can be accessed through sudo, in or…
|
CWE-269
Improper Privilege Management
|
CVE-2017-13707
|
2024-11-21 12:11 |
2017-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257450
|
6.1 |
MEDIUM
Network
|
finecms_project
|
finecms
|
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
|
CWE-79
Cross-site Scripting
|
CVE-2017-13697
|
2024-11-21 12:11 |
2017-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
