|
249231
|
5.5 |
MEDIUM
Local
|
libtiff
|
libtiff
|
The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-7594
|
2024-11-21 12:32 |
2017-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249232
|
5.5 |
MEDIUM
Local
|
libtiff
|
libtiff
|
tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7593
|
2024-11-21 12:32 |
2017-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249233
|
7.8 |
HIGH
Local
|
libtiff
|
libtiff
|
The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly…
|
CWE-20
Improper Input Validation
|
CVE-2017-7592
|
2024-11-21 12:32 |
2017-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249234
|
6.1 |
MEDIUM
Network
|
openidm_project
|
openidm
|
OpenIDM through 4.0.0 and 4.5.0 is vulnerable to reflected cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by the _sortKeys parameter to the authzRoles script under managed/us…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7591
|
2024-11-21 12:32 |
2017-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249235
|
6.1 |
MEDIUM
Network
|
openidm_project
|
openidm
|
OpenIDM through 4.0.0 and 4.5.0 is vulnerable to persistent cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by a crafted Managed Object Name.
|
CWE-79
Cross-site Scripting
|
CVE-2017-7590
|
2024-11-21 12:32 |
2017-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249236
|
6.5 |
MEDIUM
Network
|
openidm_project
|
openidm
|
In OpenIDM through 4.0.0 before 4.5.0, the info endpoint may leak sensitive information upon a request by the "anonymous" user, as demonstrated by responses with a 200 HTTP status code and a JSON obj…
|
CWE-200
Information Exposure
|
CVE-2017-7589
|
2024-11-21 12:32 |
2017-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249237
|
5.5 |
MEDIUM
Local
|
libsndfile_project
|
libsndfile
|
In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7586
|
2024-11-21 12:32 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249238
|
5.5 |
MEDIUM
Local
|
libsndfile_project
|
libsndfile
|
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7585
|
2024-11-21 12:32 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249239
|
7.8 |
HIGH
Local
|
foxitsoftware
|
foxit_pdf_toolkit
|
Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7584
|
2024-11-21 12:32 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249240
|
6.1 |
MEDIUM
Network
|
ilias
|
ilias
|
ILIAS before 5.2.3 has XSS via SVG documents.
|
CWE-79
Cross-site Scripting
|
CVE-2017-7583
|
2024-11-21 12:32 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
