|
250221
|
7.5 |
HIGH
Network
|
eviewgps
|
ev-07s_gps_tracker_firmware
|
Due to a lack of standard encryption when transmitting sensitive information over the internet to a centralized monitoring service, the Eview EV-07S GPS Tracker discloses personally identifying infor…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-5239
|
2024-11-21 12:27 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250222
|
5.3 |
MEDIUM
Network
|
eviewgps
|
ev-07s_gps_tracker_firmware
|
Due to a lack of bounds checking, several input configuration fields for the Eview EV-07S GPS Tracker will overflow data stored in one variable to another, overwriting the data of another field.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5238
|
2024-11-21 12:27 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250223
|
7.5 |
HIGH
Network
|
eviewgps
|
ev-07s_gps_tracker_firmware
|
Due to a lack of authentication, an unauthenticated user who knows the Eview EV-07S GPS Tracker's phone number can revert the device to a factory default configuration with an SMS command, "RESET!"
|
CWE-287
Improper Authentication
|
CVE-2017-5237
|
2024-11-21 12:27 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250224
|
7.8 |
HIGH
Local
|
fedoraproject
kde
|
fedora
ark
|
ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.
|
CWE-78
OS Command
|
CVE-2017-5330
|
2024-11-21 12:27 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250225
|
9.8 |
CRITICAL
Network
|
imagemagick
debian
|
imagemagick
debian_linux
|
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5511
|
2024-11-21 12:27 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250226
|
7.8 |
HIGH
Local
|
imagemagick
debian
|
imagemagick
debian_linux
|
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-5510
|
2024-11-21 12:27 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250227
|
7.8 |
HIGH
Local
|
imagemagick
|
imagemagick
|
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-5509
|
2024-11-21 12:27 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250228
|
5.5 |
MEDIUM
Local
|
imagemagick
|
imagemagick
|
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5508
|
2024-11-21 12:27 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250229
|
7.5 |
HIGH
Network
|
imagemagick
debian
|
imagemagick
debian_linux
|
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-5507
|
2024-11-21 12:27 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250230
|
7.8 |
HIGH
Local
|
imagemagick
debian
|
imagemagick
debian_linux
|
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
|
CWE-415
Double Free
|
CVE-2017-5506
|
2024-11-21 12:27 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
