|
257881
|
6.1 |
MEDIUM
Network
|
fiyo
|
fiyo_cms
|
Fiyo CMS 2.0.7 has XSS in dapur\apps\app_config\sys_config.php via the site_name parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-13778
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257882
|
6.5 |
MEDIUM
Network
|
graphicsmagick
debian
|
graphicsmagick
debian_linux
|
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts o…
|
CWE-834
Excessive Iteration
|
CVE-2017-13777
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257883
|
6.5 |
MEDIUM
Network
|
graphicsmagick
debian
|
graphicsmagick
debian_linux
|
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts o…
|
CWE-834
Excessive Iteration
|
CVE-2017-13776
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257884
|
6.5 |
MEDIUM
Network
|
graphicsmagick
debian
|
graphicsmagick
debian_linux
|
GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the r…
|
NVD-CWE-noinfo
|
CVE-2017-13775
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257885
|
7.8 |
HIGH
Local
|
hikvision
|
ivms-4200
|
Hikvision iVMS-4200 devices before v2.6.2.7 allow local users to generate password-recovery codes via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2017-13774
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257886
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
debian
|
imagemagick
ubuntu_linux
debian_linux
|
The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13769
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257887
|
6.5 |
MEDIUM
Network
|
imagemagick
debian
canonical
|
imagemagick
debian_linux
ubuntu_linux
|
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-13768
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257888
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation.
|
CWE-20
CWE-835
Improper Input Validation
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-13767
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257889
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-13766
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257890
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validat…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13765
|
2024-11-21 12:11 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
