Search

Search Results (364348 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-12670 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service.
CVE-2017-12671 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service.
CVE-2017-12672 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
CVE-2017-12673 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service.
CVE-2017-12674 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service.
CVE-2017-12675 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the function ReadImage in MagickCore/constitute.c, which allows attackers to cause a denial of service.
CVE-2017-12676 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.
CVE-2017-12677 1 Identityserver 1 Identityserver3 2025-04-20 N/A
IdentityServer3 2.4.x, 2.5.x, and 2.6.x before 2.6.1 has XSS in an Angular expression on the authorize response page, which might allow remote attackers to obtain sensitive information about the IdentityServer authorization response.
CVE-2017-12678 2 Debian, Taglib 2 Debian Linux, Taglib 2025-04-20 8.8 High
In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file.
CVE-2017-12679 1 Nexusphp 1 Nexusphp 2025-04-20 N/A
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
CVE-2017-12680 1 Nexusphp Project 1 Nexusphp 2025-04-20 N/A
Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type parameter to shoutbox.php.
CVE-2017-1269 1 Ibm 1 Security Guardium 2025-04-20 N/A
IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-force ID: 124744
CVE-2017-12691 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 N/A
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVE-2017-12692 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 N/A
The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file.
CVE-2017-12693 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 N/A
The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.
CVE-2017-12694 1 Spidercontrol 1 Scada Web Server 2025-04-20 N/A
A Directory Traversal issue was discovered in SpiderControl SCADA Web Server. An attacker may be able to use a simple GET request to perform a directory traversal into system files.
CVE-2017-12698 1 Advantech 1 Webaccess 2025-04-20 N/A
An Improper Authentication issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Specially crafted requests allow a possible authentication bypass that could allow remote code execution.
CVE-2017-12699 1 Azeotech 1 Daqfactory 2025-04-20 N/A
An Incorrect Default Permissions issue was discovered in AzeoTech DAQFactory versions prior to 17.1. Local, non-administrative users may be able to replace or modify original application files with malicious ones.
CVE-2017-1270 1 Ibm 1 Security Guardium 2025-04-20 N/A
IBM Security Guardium 10.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 124745.
CVE-2017-12702 1 Advantech 1 Webaccess 2025-04-20 N/A
An Externally Controlled Format String issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. String format specifiers based on user provided input are not properly validated, which could allow an attacker to execute arbitrary code.