|
198581
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause …
|
CWE-416
Use After Free
|
CVE-2017-12671
|
2024-11-21 12:10 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198582
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of s…
|
CWE-20
CWE-617
Improper Input Validation
Reachable Assertion
|
CVE-2017-12670
|
2024-11-21 12:10 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198583
|
8.8 |
HIGH
Network
|
imagemagick
|
imagemagick
|
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-12669
|
2024-11-21 12:10 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198584
|
8.8 |
HIGH
Network
|
imagemagick
|
imagemagick
|
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-12668
|
2024-11-21 12:10 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198585
|
8.8 |
HIGH
Network
|
imagemagick
|
imagemagick
|
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-12667
|
2024-11-21 12:10 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198586
|
7.8 |
HIGH
Local
|
ultraedit
|
ultraedit
|
An issue was discovered in IDM UltraEdit through 24.10.0.32. To exploit the vulnerability, on unpatched Windows systems, an attacker could include in the same directory as the affected executable a D…
|
CWE-426
Untrusted Search Path
|
CVE-2017-12580
|
2024-11-21 12:09 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198587
|
9.8 |
CRITICAL
Network
|
libpng
netapp
|
libpng
active_iq_unified_manager
|
libpng before 1.6.32 does not properly check the length of chunks against the user limit.
|
CWE-20
Improper Input Validation
|
CVE-2017-12652
|
2024-11-21 12:09 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198588
|
8.1 |
HIGH
Network
|
apache
|
zeppelin
|
Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone".
|
CWE-384
Session Fixation
|
CVE-2017-12619
|
2024-11-21 12:09 |
2019-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198589
|
7.8 |
HIGH
Local
|
gnome
|
gdk-pixbuf
nautilus
|
GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows attackers to cause a denial of service (stack corruption) or possibly have unspecified other impa…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12447
|
2024-11-21 12:09 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198590
|
9.8 |
CRITICAL
Network
|
planex
|
cs-qr20_firmware
smacam_night_vision
|
An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin:password") is used in the Android application that allows attackers to use a hidden API URL "/goform/SystemC…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-12577
|
2024-11-21 12:09 |
2018-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
