Search

Search Results (363618 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-12944 1 Libtiff 1 Libtiff 2025-04-20 N/A
The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation.
CVE-2017-12946 1 Easymodal Project 1 Easy Modal 2025-04-20 N/A
classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in a delete action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators.
CVE-2017-12947 1 Easymodal Project 1 Easy Modal 2025-04-20 N/A
classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in an untrash action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators.
CVE-2017-12948 1 Pressforward 1 Pressforward 2025-04-20 N/A
Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATH_INFO to wp-admin/admin.php, related to PHP_SELF.
CVE-2017-12949 1 Podlove 1 Podlove Podcast Publisher 2025-04-20 N/A
lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQL injection in the orderby parameter to wp-admin/admin.php, exploitable through CSRF.
CVE-2017-1295 1 Ibm 1 Rational Collaborative Lifecycle Management 2025-04-20 N/A
IBM RSA DM contains unspecified vulnerability in CLM Applications with potential for information leakage. IBM X-Force ID: 125157.
CVE-2017-12950 1 Linuxsampler 1 Libgig 2025-04-20 6.5 Medium
The gig::Region::Region function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.
CVE-2017-12951 1 Libgig0 1 Libgig 2025-04-20 N/A
The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted gig file.
CVE-2017-12952 1 Libgig0 1 Libgig 2025-04-20 N/A
The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.
CVE-2017-12953 1 Libgig0 1 Libgig 2025-04-20 N/A
The gig::Instrument::UpdateRegionKeyTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory write and application crash) via a crafted gig file.
CVE-2017-12954 1 Libgig0 1 Libgig 2025-04-20 N/A
The gig::Region::GetSampleFromWavePool function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted gig file.
CVE-2017-12955 1 Exiv2 1 Exiv2 2025-04-20 N/A
There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or possibly unspecified other impact.
CVE-2017-12956 1 Exiv2 1 Exiv2 2025-04-20 N/A
There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service.
CVE-2017-12957 1 Exiv2 1 Exiv2 2025-04-20 N/A
There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. It will lead to remote denial of service.
CVE-2017-12958 1 Gnu 1 Pspp 2025-04-20 N/A
There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
CVE-2017-12959 1 Gnu 1 Pspp 2025-04-20 N/A
There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack.
CVE-2017-12960 1 Gnu 1 Pspp 2025-04-20 N/A
There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
CVE-2017-12961 1 Gnu 1 Pspp 2025-04-20 N/A
There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
CVE-2017-12962 1 Libsass 1 Libsass 2025-04-20 N/A
There are memory leaks in LibSass 3.4.5 triggered by deeply nested code, such as code with a long sequence of open parenthesis characters, leading to a remote denial of service attack.
CVE-2017-12963 1 Libsass 1 Libsass 2025-04-20 N/A
There is an illegal address access in Sass::Eval::operator() in eval.cpp of LibSass 3.4.5, leading to a remote denial of service attack. NOTE: this is similar to CVE-2017-11555 but remains exploitable after the vendor's CVE-2017-11555 fix (available from GitHub after 2017-07-24).