|
264451
|
4.8 |
MEDIUM
Network
|
icewarp
|
mail_server
|
Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user n…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12844
|
2024-11-21 12:10 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264452
|
9.8 |
CRITICAL
Network
|
saltstack
|
salt
|
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master …
|
CWE-22
Path Traversal
|
CVE-2017-12791
|
2024-11-21 12:10 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264453
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompressed PseudoColor packets" step, which allows attackers to cause a denia…
|
CWE-617
Reachable Assertion
|
CVE-2017-13132
|
2024-11-21 12:10 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264454
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList …
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-13131
|
2024-11-21 12:10 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264455
|
7.8 |
HIGH
Local
|
bmc
|
patrol
|
mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substr…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2017-13130
|
2024-11-21 12:10 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264456
|
9.8 |
CRITICAL
Network
|
noviflow
|
noviware
|
A network interface of the novi_process_manager_daemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12787
|
2024-11-21 12:10 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264457
|
9.8 |
CRITICAL
Network
|
noviflow
|
noviware
|
Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an op…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12786
|
2024-11-21 12:10 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264458
|
9.8 |
CRITICAL
Network
|
noviflow
|
noviware
|
The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. Th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12785
|
2024-11-21 12:10 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264459
|
6.5 |
MEDIUM
Network
|
cyrusimap
fedoraproject
|
cyrus_imap
fedora
|
Cyrus IMAP before 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted (1) SYNCAPPLY, (2) SYNCGET or (3) SYNCRESTORE command.
|
CWE-20
Improper Input Validation
|
CVE-2017-12843
|
2024-11-21 12:10 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264460
|
6.5 |
MEDIUM
Network
|
graphicsmagick
|
graphicsmagick
|
GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-13066
|
2024-11-21 12:10 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
