|
247121
|
7.5 |
HIGH
Network
|
autotrace_project
|
autotrace
|
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR function in color.c:16:11.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9154
|
2024-11-21 12:35 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247122
|
9.8 |
CRITICAL
Network
|
autotrace_project
|
autotrace
|
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnm_load_rawpbm function in input-pnm.c:391:13.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9153
|
2024-11-21 12:35 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247123
|
9.8 |
CRITICAL
Network
|
autotrace_project
|
autotrace
|
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnm_load_raw function in input-pnm.c:346:41.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9152
|
2024-11-21 12:35 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247124
|
9.8 |
CRITICAL
Network
|
autotrace_project
|
autotrace
|
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnm_load_ascii function in input-pnm.c:303:12.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9151
|
2024-11-21 12:35 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247125
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which all…
|
CWE-200
Information Exposure
|
CVE-2017-9150
|
2024-11-21 12:35 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247126
|
7.5 |
HIGH
Network
|
metadata_anonymisation_toolkit_project
|
metadata_anonymisation_toolkit
|
Metadata Anonymisation Toolkit (MAT) 0.6 and 0.6.1 silently fails to perform "Clean metadata" actions upon invocation from the Nautilus contextual menu, which allows context-dependent attackers to ob…
|
CWE-200
Information Exposure
|
CVE-2017-9149
|
2024-11-21 12:35 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247127
|
6.5 |
MEDIUM
Network
|
libtiff
|
libtiff
|
LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service (crash) via a crafted TIFF file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9147
|
2024-11-21 12:35 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247128
|
8.8 |
HIGH
Network
|
ytnef_project
|
ytnef
|
The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9146
|
2024-11-21 12:35 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247129
|
6.5 |
MEDIUM
Network
|
imagemagick
debian
|
imagemagick
debian_linux
|
In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
|
CWE-20
Improper Input Validation
|
CVE-2017-9144
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247130
|
6.5 |
MEDIUM
Network
|
imagemagick
debian
|
imagemagick
debian_linux
|
In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-9143
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
