|
256371
|
8.1 |
HIGH
Network
|
imagemagick
debian
canonical
|
imagemagick
debian_linux
ubuntu_linux
|
In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memo…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14607
|
2024-11-21 12:13 |
2017-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256372
|
6.5 |
MEDIUM
Network
|
gnome
debian
|
nautilus
debian_linux
|
GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file…
|
CWE-20
Improper Input Validation
|
CVE-2017-14604
|
2024-11-21 12:13 |
2017-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256373
|
7.5 |
HIGH
Network
|
sap
|
netweaver_application_server_java
|
The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 allows remote attackers to cause a denial of service (service crash) via a crafted request, aka SAP Security Note 2389181.
|
NVD-CWE-noinfo
|
CVE-2017-14581
|
2024-11-21 12:13 |
2017-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256374
|
4.9 |
MEDIUM
Network
|
pragyan_cms_project
|
pragyan_cms
|
Pragyan CMS v3.0 is vulnerable to a Boolean-based SQL injection in cms/admin.lib.php via $_GET['forwhat'], resulting in Information Disclosure.
|
CWE-89
SQL Injection
|
CVE-2017-14601
|
2024-11-21 12:13 |
2017-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256375
|
4.9 |
MEDIUM
Network
|
pragyan_cms_project
|
pragyan_cms
|
Pragyan CMS v3.0 is vulnerable to an Error-Based SQL injection in cms/admin.lib.php via $_GET['del_black'], resulting in Information Disclosure.
|
CWE-89
SQL Injection
|
CVE-2017-14600
|
2024-11-21 12:13 |
2017-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256376
|
4.8 |
MEDIUM
Network
|
afterlogic
|
webmail
aurora
|
AdminPanel in AfterLogic WebMail 7.7 and Aurora 7.7.5 has XSS via the txtDomainName field to adminpanel/modules/pro/inc/ajax.php during addition of a domain.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14597
|
2024-11-21 12:13 |
2017-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256377
|
7.8 |
HIGH
Local
|
xnview
|
xnview
|
XnView Classic for Windows Version 2.41 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at jbig2dec+0x000000…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14580
|
2024-11-21 12:13 |
2017-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256378
|
7.8 |
HIGH
Local
|
stdutility
|
stdu_viewer
|
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "Read Access Violation on Control Flow starting at STDUJBIG2File!DllG…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14579
|
2024-11-21 12:13 |
2017-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256379
|
7.8 |
HIGH
Local
|
irfanview
|
irfanview
|
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ani file, related to "Data from Faulting Address controls Branch Selectio…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14578
|
2024-11-21 12:13 |
2017-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256380
|
7.8 |
HIGH
Local
|
stdutility
|
stdu_viewer
|
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Control Flow starting at Unknown Symbol @ 0…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14577
|
2024-11-21 12:13 |
2017-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
