Search

Search Results (364967 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-1154 1 Ibm 1 Algo One 2025-04-20 N/A
IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to files in the local environment which should not be viewed by application users. IBM Reference #: 1999892.
CVE-2017-11540 1 Imagemagick 1 Imagemagick 2025-04-20 N/A
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.
CVE-2017-11541 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
CVE-2017-11542 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
CVE-2017-11543 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2025-04-20 N/A
tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.
CVE-2017-11546 1 Timidity\+\+ Project 1 Timidity\+\+ 2025-04-20 N/A
The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mid file. NOTE: a crash might be relevant when using the --background option.
CVE-2017-11547 1 Timidity\+\+ Project 1 Timidity\+\+ 2025-04-20 N/A
The resample_gauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a setuid-root installation.
CVE-2017-11548 1 Xiph 1 Libao 2025-04-20 5.5 Medium
The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service (memory corruption) via a crafted MP3 file.
CVE-2017-11549 1 Timidity\+\+ Project 1 Timidity\+\+ 2025-04-20 N/A
The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mid file. NOTE: CPU consumption might be relevant when using the --background option.
CVE-2017-1155 1 Ibm 1 Algo One 2025-04-20 N/A
IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to another user's reports using a specially crafted HTTP request. IBM Reference #: 1999754.
CVE-2017-11550 1 Libid3tag Project 1 Libid3tag 2025-04-20 N/A
The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file.
CVE-2017-11551 1 Libid3tag Project 1 Libid3tag 2025-04-20 N/A
The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (OOM) via a crafted MP3 file.
CVE-2017-13137 1 Formcrafts 1 Formcraft 2025-04-20 9.8 Critical
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
CVE-2017-11552 1 Underbit 1 Mad Libmad 2025-04-20 N/A
mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file.
CVE-2017-11553 1 Exiv2 1 Exiv2 2025-04-20 N/A
There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26. A crafted input will lead to remote denial of service.
CVE-2017-11554 1 Libsass 1 Libsass 2025-04-20 N/A
There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc) in LibSass 3.4.5. A crafted input will lead to a remote denial of service.
CVE-2017-11555 1 Libsass 1 Libsass 2025-04-20 N/A
There is an illegal address access in the Eval::operator function in eval.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service.
CVE-2017-11556 1 Libsass 1 Libsass 2025-04-20 N/A
There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service.
CVE-2017-1156 1 Ibm 1 Websphere Portal 2025-04-20 N/A
IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force. ID: 122592
CVE-2017-11562 1 Mt4 1 Senhasegura 2025-04-20 N/A
A Session Fixation Vulnerability exists in the MT4 Networks SenhaSegura Web Application 2.2.23.8 via login_if.php.