|
248111
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-8765
|
2024-11-21 12:34 |
2017-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248112
|
6.1 |
MEDIUM
Network
|
telaxius
|
epesi
|
Cross-site scripting (XSS) vulnerability in modules/Base/Box/check_for_new_version.php in EPESI in Telaxus/EPESI 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a…
|
CWE-79
Cross-site Scripting
|
CVE-2017-8763
|
2024-11-21 12:34 |
2017-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248113
|
5.4 |
MEDIUM
Network
|
genixcms
|
genixcms
|
GeniXCMS 1.0.2 has XSS triggered by an authenticated user who submits a page, as demonstrated by a crafted oncut attribute in a B element.
|
CWE-79
Cross-site Scripting
|
CVE-2017-8762
|
2024-11-21 12:34 |
2017-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248114
|
6.5 |
MEDIUM
Network
|
brave
|
brave
|
Brave 0.12.4 has a Status Bar Obfuscation issue in which a redirection target is shown in a possibly unexpected way. NOTE: third parties dispute this issue because it is a behavior that might have le…
|
NVD-CWE-noinfo
|
CVE-2017-8459
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248115
|
6.5 |
MEDIUM
Network
|
brave
|
brave
|
Brave 0.12.4 has a URI Obfuscation issue in which a string such as https://safe.example.com@unsafe.example.com/ is displayed without a clear UI indication that it is not a resource on the safe.exampl…
|
CWE-74
Injection
|
CVE-2017-8458
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248116
|
7.8 |
HIGH
Local
|
foxitsoftware
|
foxit_reader
phantompdf
|
Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8455
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248117
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
phantompdf
|
Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8454
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248118
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
phantompdf
|
Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8453
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248119
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory ex…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-8421
|
2024-11-21 12:34 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248120
|
7.8 |
HIGH
Local
|
lame_project
|
lame
|
LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service (stack-based buffer overflow or heap-based bu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8419
|
2024-11-21 12:34 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
