|
256821
|
5.5 |
MEDIUM
Local
|
exiv2
|
exiv2
|
A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of …
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-14863
|
2024-11-21 12:13 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256822
|
5.5 |
MEDIUM
Local
|
exiv2
canonical
debian
|
exiv2
ubuntu_linux
debian_linux
|
An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14862
|
2024-11-21 12:13 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256823
|
5.5 |
MEDIUM
Local
|
exiv2
|
exiv2
|
There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.
|
CWE-190
CWE-674
Integer Overflow or Wraparound
Uncontrolled Recursion
|
CVE-2017-14861
|
2024-11-21 12:13 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256824
|
5.5 |
MEDIUM
Local
|
exiv2
|
exiv2
|
There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14860
|
2024-11-21 12:13 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256825
|
5.5 |
MEDIUM
Local
|
exiv2
canonical
debian
|
exiv2
ubuntu_linux
debian_linux
|
An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to de…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14859
|
2024-11-21 12:13 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256826
|
5.5 |
MEDIUM
Local
|
exiv2
|
exiv2
|
There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14858
|
2024-11-21 12:13 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256827
|
5.5 |
MEDIUM
Local
|
exiv2
|
exiv2
|
In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. A crafted input will lead to a denial of service attack.
|
CWE-416
Use After Free
|
CVE-2017-14857
|
2024-11-21 12:13 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256828
|
7.5 |
HIGH
Network
|
nodejs
|
node.js
|
Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was incompatible with the pathname validation used by unspecified community modules.
|
CWE-22
Path Traversal
|
CVE-2017-14849
|
2024-11-21 12:13 |
2017-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256829
|
8.8 |
HIGH
Network
|
dasinfomedia
|
wpams_apartment_management_system
|
Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2017-14847
|
2024-11-21 12:13 |
2017-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256830
|
8.8 |
HIGH
Network
|
dasinfomedia
|
hospital_management_system
|
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2017-14846
|
2024-11-21 12:13 |
2017-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
