|
249481
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid s…
|
CWE-416
Use After Free
|
CVE-2017-6966
|
2024-11-21 12:30 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249482
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6965
|
2024-11-21 12:30 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249483
|
7.5 |
HIGH
Network
|
apng2gif_project
|
apng2gif
|
An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer overflow. This is related to the read_chunk function making an unchecked addition of 12.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-6962
|
2024-11-21 12:30 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249484
|
5.5 |
MEDIUM
Local
|
apng2gif_project
|
apng2gif
|
An issue was discovered in apng2gif 1.7. There is improper sanitization of user input causing huge memory allocations, resulting in a crash. This is related to the read_chunk function using the pChun…
|
CWE-20
Improper Input Validation
|
CVE-2017-6961
|
2024-11-21 12:30 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249485
|
7.5 |
HIGH
Network
|
apng2gif_project
debian
canonical
|
apng2gif
debian_linux
ubuntu_linux
|
An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the load_apng function and the imagesize variable.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-6960
|
2024-11-21 12:30 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249486
|
6.1 |
MEDIUM
Network
|
mantisbt
|
source_integration
|
An XSS vulnerability in the MantisBT Source Integration Plugin (before 2.0.2) search result page allows an attacker to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by cr…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6958
|
2024-11-21 12:30 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249487
|
5.3 |
MEDIUM
Network
|
teleogistic
|
invite_anyone
|
An issue was discovered in by-email/by-email.php in the Invite Anyone plugin before 1.3.15 for WordPress. A user is able to change the subject and the body of the invitation mail that should be immut…
|
CWE-20
Improper Input Validation
|
CVE-2017-6955
|
2024-11-21 12:30 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249488
|
4.3 |
MEDIUM
Network
|
buddypress
|
buddypress
|
An issue was discovered in includes/component.php in the BuddyPress Docs plugin before 1.9.3 for WordPress. It is possible for authenticated users to edit documents of other users without proper perm…
|
CWE-269
Improper Privilege Management
|
CVE-2017-6954
|
2024-11-21 12:30 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249489
|
8.8 |
HIGH
Network
|
capstone-engine
|
capstone
|
Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service (heap-based buffer overflow in a kernel driver) or p…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-6952
|
2024-11-21 12:30 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249490
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key sy…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-6951
|
2024-11-21 12:30 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
