| 249211 | 5.5 | MEDIUM Local | apng2gif_project | apng2gif | An issue was discovered in apng2gif 1.7. There is improper sanitization of user input causing huge memory allocations, resulting in a crash. This is related to the read_chunk function using the pChun… | CWE-20 Improper Input Validation | CVE-2017-6961 | 2024-11-21 12:30 | 2017-03-17 |
| 249212 | 7.5 | HIGH Network | apng2gif_project debian canonical | apng2gif debian_linux ubuntu_linux | An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the load_apng function and the imagesize variable. | CWE-190 Integer Overflow or Wraparound | CVE-2017-6960 | 2024-11-21 12:30 | 2017-03-17 |
| 249213 | 6.1 | MEDIUM Network | mantisbt | source_integration | An XSS vulnerability in the MantisBT Source Integration Plugin (before 2.0.2) search result page allows an attacker to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by cr… | CWE-79 Cross-site Scripting | CVE-2017-6958 | 2024-11-21 12:30 | 2017-03-17 |
| 249214 | 5.3 | MEDIUM Network | teleogistic | invite_anyone | An issue was discovered in by-email/by-email.php in the Invite Anyone plugin before 1.3.15 for WordPress. A user is able to change the subject and the body of the invitation mail that should be immut… | CWE-20 Improper Input Validation | CVE-2017-6955 | 2024-11-21 12:30 | 2017-03-17 |
| 249215 | 4.3 | MEDIUM Network | buddypress | buddypress | An issue was discovered in includes/component.php in the BuddyPress Docs plugin before 1.9.3 for WordPress. It is possible for authenticated users to edit documents of other users without proper perm… | CWE-269 Improper Privilege Management | CVE-2017-6954 | 2024-11-21 12:30 | 2017-03-17 |
| 249216 | 8.8 | HIGH Network | capstone-engine | capstone | Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service (heap-based buffer overflow in a kernel driver) or p… | CWE-190 Integer Overflow or Wraparound | CVE-2017-6952 | 2024-11-21 12:30 | 2017-03-17 |
| 249217 | 5.5 | MEDIUM Local | linux | linux_kernel | The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key sy… | CWE-476 NULL Pointer Dereference | CVE-2017-6951 | 2024-11-21 12:30 | 2017-03-17 |
| 249218 | 8.1 | HIGH Network | call-cc | chicken | An issue was discovered in CHICKEN Scheme through 4.12.0. When using a nonstandard CHICKEN-specific extension to allocate an SRFI-4 vector in unmanaged memory, the vector size would be used in unsani… | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2017-6949 | 2024-11-21 12:30 | 2017-03-17 |
| 249219 | 4.3 | MEDIUM Network | bigtreecms | bigtree_cms | CSRF exists in BigTree CMS 4.2.16 with the value[#][*] parameter to the admin/settings/update/ page. The Navigation Social can be changed. | CWE-352 Origin Validation Error | CVE-2017-6918 | 2024-11-21 12:30 | 2017-03-16 |
| 249220 | 4.3 | MEDIUM Network | bigtreecms | bigtree_cms | CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Colophon can be changed. | CWE-352 Origin Validation Error | CVE-2017-6917 | 2024-11-21 12:30 | 2017-03-16 |