|
257651
|
8.8 |
HIGH
Network
|
imagemagick
|
imagemagick
|
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-12668
|
2024-11-21 12:10 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257652
|
8.8 |
HIGH
Network
|
imagemagick
|
imagemagick
|
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-12667
|
2024-11-21 12:10 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257653
|
7.8 |
HIGH
Local
|
ultraedit
|
ultraedit
|
An issue was discovered in IDM UltraEdit through 24.10.0.32. To exploit the vulnerability, on unpatched Windows systems, an attacker could include in the same directory as the affected executable a D…
|
CWE-426
Untrusted Search Path
|
CVE-2017-12580
|
2024-11-21 12:09 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257654
|
9.8 |
CRITICAL
Network
|
libpng
netapp
|
libpng
active_iq_unified_manager
|
libpng before 1.6.32 does not properly check the length of chunks against the user limit.
|
CWE-20
Improper Input Validation
|
CVE-2017-12652
|
2024-11-21 12:09 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257655
|
8.1 |
HIGH
Network
|
apache
|
zeppelin
|
Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone".
|
CWE-384
Session Fixation
|
CVE-2017-12619
|
2024-11-21 12:09 |
2019-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257656
|
7.8 |
HIGH
Local
|
gnome
|
gdk-pixbuf
nautilus
|
GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows attackers to cause a denial of service (stack corruption) or possibly have unspecified other impa…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12447
|
2024-11-21 12:09 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257657
|
9.8 |
CRITICAL
Network
|
planex
|
cs-qr20_firmware
smacam_night_vision
|
An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin:password") is used in the Android application that allows attackers to use a hidden API URL "/goform/SystemC…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-12577
|
2024-11-21 12:09 |
2018-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257658
|
7.2 |
HIGH
Network
|
planex
|
cs-qr20_firmware
|
An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and undocumented management page allows an attacker to execute arbitrary code on the device when the user is authenticated. The management…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2017-12576
|
2024-11-21 12:09 |
2018-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257659
|
7.5 |
HIGH
Network
|
aterm
|
wg2600hp2_firmware
|
An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service APIs for access to and setup of the configuration. Some APIs don't require authentication. An attacker co…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2017-12575
|
2024-11-21 12:09 |
2018-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257660
|
9.8 |
CRITICAL
Network
|
planex
|
cs-w50hd_firmware
|
An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-12574
|
2024-11-21 12:09 |
2018-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
