|
257131
|
7.5 |
HIGH
Network
|
libreoffice
libwpd
|
libreoffice
libwpd
|
WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14226
|
2024-11-21 12:12 |
2017-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257132
|
8.8 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers do not anticipate this, as demonstrated by …
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-14225
|
2024-11-21 12:12 |
2017-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257133
|
8.8 |
HIGH
Network
|
imagemagick
|
imagemagick
|
A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14224
|
2024-11-21 12:12 |
2017-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257134
|
6.5 |
MEDIUM
Network
|
ffmpeg
debian
|
ffmpeg
debian_linux
|
In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted ASF file, which claims a large …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-14223
|
2024-11-21 12:12 |
2017-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257135
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted MOV file, which claims a large "item_c…
|
CWE-834
Excessive Iteration
|
CVE-2017-14222
|
2024-11-21 12:12 |
2017-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257136
|
8.8 |
HIGH
Local
|
qemu
debian
|
qemu
debian_linux
|
Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header addr…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-14167
|
2024-11-21 12:12 |
2017-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257137
|
6.1 |
MEDIUM
Network
|
intelbras
|
wrn_240_firmware
|
XSS (persistent) on the Intelbras Wireless N 150Mbps router with firmware WRN 240 allows attackers to steal wireless credentials without being connected to the network, related to userRpm/popupSiteSu…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14219
|
2024-11-21 12:12 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257138
|
6.1 |
MEDIUM
Network
|
finecms_project
|
finecms
|
The call_msg function in controllers/Form.php in dayrui FineCms 5.0.11 might have XSS related to the Referer HTTP header with Internet Explorer.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14195
|
2024-11-21 12:12 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257139
|
6.1 |
MEDIUM
Network
|
finecms_project
|
finecms
|
The out function in controllers/member/Login.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14194
|
2024-11-21 12:12 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257140
|
6.1 |
MEDIUM
Network
|
finecms_project
|
finecms
|
The oauth function in controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14193
|
2024-11-21 12:12 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
