|
257491
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-14930
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257492
|
7.5 |
HIGH
Network
|
freedesktop
|
poppler
|
In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilin…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-14929
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257493
|
5.5 |
MEDIUM
Local
|
freedesktop
debian
|
poppler
debian_linux
|
In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-14928
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257494
|
5.5 |
MEDIUM
Local
|
freedesktop
|
poppler
|
In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutputDev::type3D0() function in SplashOutputDev.cc via a crafted PDF document.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-14927
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257495
|
5.5 |
MEDIUM
Local
|
freedesktop
debian
|
poppler
debian_linux
|
In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Content::Content in Annot.cc via a crafted PDF document.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-14926
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257496
|
8.0 |
HIGH
Network
|
tiki
|
tikiwiki_cms\/groupware
|
Cross-Site Request Forgery (CSRF) vulnerability via IMG element in Tiki before 16.3, 17.x before 17.1, 12 LTS before 12.12 LTS, and 15 LTS before 15.5 LTS allows an authenticated user to edit global …
|
CWE-352
Origin Validation Error
|
CVE-2017-14925
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257497
|
8.0 |
HIGH
Network
|
tiki
|
tikiwiki_cms\/groupware
|
Cross-Site Request Forgery (CSRF) vulnerability via IMG element in Tiki before 16.3, 17.x before 17.1, 12 LTS before 12.12 LTS, and 15 LTS before 15.5 LTS allows an authenticated user to gain adminis…
|
CWE-352
Origin Validation Error
|
CVE-2017-14924
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257498
|
5.4 |
MEDIUM
Network
|
tine20
|
tine_2.0
|
Stored XSS vulnerability via IMG element at "Leadname" of CRM in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14923
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257499
|
5.4 |
MEDIUM
Network
|
tine20
|
tine_2.0
|
Stored XSS vulnerability via IMG element at "History" of Profile, Calendar, Tasks, and CRM in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is m…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14922
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257500
|
5.4 |
MEDIUM
Network
|
tine20
|
tine_2.0
|
Stored XSS vulnerability via IMG element at "Filename" of Filemanager in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rend…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14921
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
