|
249231
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-6845
|
2024-11-21 12:30 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249232
|
7.8 |
HIGH
Local
|
podofo_project
|
podofo
|
Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6844
|
2024-11-21 12:30 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249233
|
7.8 |
HIGH
Local
|
podofo_project
|
podofo
|
Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6843
|
2024-11-21 12:30 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249234
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-6842
|
2024-11-21 12:30 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249235
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a craf…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-6841
|
2024-11-21 12:30 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249236
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6840
|
2024-11-21 12:30 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249237
|
7.8 |
HIGH
Local
|
audiofile
|
audiofile
|
Heap-based buffer overflow in the readValue function in FileHandle.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted WA…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6828
|
2024-11-21 12:30 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249238
|
7.8 |
HIGH
Local
|
audiofile
|
audiofile
|
Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impa…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6827
|
2024-11-21 12:30 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249239
|
6.1 |
MEDIUM
Network
|
shishnet
|
shimmie
|
An issue was discovered in Shimmie <= 2.5.1. The vulnerability exists due to insufficient filtration of user-supplied data (log) passed to the "shimmie2-master/ext/chatbox/history/index.php" URL. An …
|
CWE-79
Cross-site Scripting
|
CVE-2017-6909
|
2024-11-21 12:30 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249240
|
6.1 |
MEDIUM
Network
|
concrete5
|
concrete5
|
An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data (fID) passed to the "concrete5-legacy-master/web/concrete/tools/files/se…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6908
|
2024-11-21 12:30 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
