|
258951
|
8.8 |
HIGH
Network
|
tug
|
tex_live
|
TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attack…
|
CWE-74
Injection
|
CVE-2017-17513
|
2024-11-21 12:18 |
2017-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258952
|
8.8 |
HIGH
Network
|
kildclient
debian
|
kildclient
debian_linux
|
KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a c…
|
CWE-74
Injection
|
CVE-2017-17511
|
2024-11-21 12:18 |
2017-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258953
|
7.5 |
HIGH
Network
|
pandasecurity
|
panda_global_protection
|
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c04 \\.\PSMEMDriver DeviceIoControl request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17684
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258954
|
7.5 |
HIGH
Network
|
pandasecurity
|
panda_global_protection
|
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c44 \\.\PSMEMDriver DeviceIoControl request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17683
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258955
|
6.5 |
MEDIUM
Network
|
imagemagick
debian
canonical
|
imagemagick
debian_linux
ubuntu_linux
|
In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-17682
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258956
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a cra…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-17681
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258957
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-17680
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258958
|
9.8 |
CRITICAL
Network
|
vbulletin
|
vbulletin
|
In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage o…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-17672
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258959
|
9.8 |
CRITICAL
Network
|
vbulletin
|
vbulletin
|
vBulletin through 5.3.x on Windows allows remote PHP code execution because a require_once call is reachable with an unauthenticated request that can include directory traversal sequences to specify …
|
CWE-22
Path Traversal
|
CVE-2017-17671
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258960
|
5.5 |
MEDIUM
Local
|
exiv2
canonical
debian
|
exiv2
ubuntu_linux
debian_linux
|
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17669
|
2024-11-21 12:18 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
