|
258511
|
7.5 |
HIGH
Network
|
mindwerks
|
wildmidi
|
The _WM_SetupMidiEvent function in internal_midi.c:2318 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11661
|
2024-11-21 12:08 |
2017-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258512
|
8.8 |
HIGH
Local
|
hashicorp
|
vagrant_vmware_fusion
|
HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges b…
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-11741
|
2024-11-21 12:08 |
2017-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258513
|
7.3 |
HIGH
Local
|
dashlane
|
dashlane
|
Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory.
|
CWE-426
Untrusted Search Path
|
CVE-2017-11657
|
2024-11-21 12:08 |
2017-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258514
|
9.8 |
CRITICAL
Network
|
ioquake3
|
ioquake3
|
Buffer overflow in ioquake3 before 2017-08-02 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted packet.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11721
|
2024-11-21 12:08 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258515
|
6.5 |
MEDIUM
Network
|
libquicktime
|
libquicktime
|
In libquicktime 1.2.4, an allocation failure was found in the function quicktime_read_ftyp in ftyp.c, which allows attackers to cause a denial of service via a crafted file.
|
CWE-20
Improper Input Validation
|
CVE-2017-12145
|
2024-11-21 12:08 |
2017-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258516
|
5.5 |
MEDIUM
Local
|
ytnef_project
|
ytnef
|
In ytnef 1.9.2, an allocation failure was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-12144
|
2024-11-21 12:08 |
2017-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258517
|
6.5 |
MEDIUM
Network
|
libquicktime
|
libquicktime
|
In libquicktime 1.2.4, an allocation failure was found in the function quicktime_read_info in lqt_quicktime.c, which allows attackers to cause a denial of service via a crafted file.
|
CWE-20
Improper Input Validation
|
CVE-2017-12143
|
2024-11-21 12:08 |
2017-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258518
|
5.5 |
MEDIUM
Local
|
ytnef_project
|
ytnef
|
In ytnef 1.9.2, an invalid memory read vulnerability was found in the function SwapDWord in ytnef.c, which allows attackers to cause a denial of service via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-12142
|
2024-11-21 12:08 |
2017-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258519
|
5.5 |
MEDIUM
Local
|
ytnef_project
|
ytnef
|
In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12141
|
2024-11-21 12:08 |
2017-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258520
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file.
|
CWE-400
CWE-681
Uncontrolled Resource Consumption
Incorrect Conversion between Numeric Types
|
CVE-2017-12140
|
2024-11-21 12:08 |
2017-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
