Skip to main content
CVE-2017-7620 MEDIUM POC PATCH This Month

MantisBT before 1.3.11, 2.x before 2.3.3, and 2.4.x before 2.4.1 omits a backslash check in string_api.php and consequently has conflicting interpretations of an initial \/ substring as introducing. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect CSRF PHP Mantisbt
NVD Exploit-DB
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-9117 MEDIUM POC This Month

In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libtiff Ubuntu Linux
NVD
CVSS 3.1
4.0
EPSS
0.1%
CVE-2017-9112 MEDIUM PATCH This Month

In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Openexr
NVD GitHub
CVSS 3.0
6.5
EPSS
1.0%
CVE-2017-9114 MEDIUM This Month

In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Openexr
NVD GitHub
CVSS 3.0
6.5
EPSS
1.0%
CVE-2017-9110 MEDIUM This Month

In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Openexr
NVD GitHub
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-9116 MEDIUM This Month

In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function in ImfZip.cpp could cause the application to crash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Openexr
NVD GitHub
CVSS 3.0
6.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy