Skip to main content
CVE-2017-13065 MEDIUM This Month

GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Graphicsmagick Debian Linux
NVD
CVSS 3.0
6.5
EPSS
1.3%
CVE-2017-13064 MEDIUM This Month

GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Graphicsmagick Debian Linux
NVD
CVSS 3.0
6.5
EPSS
1.0%
CVE-2017-13063 MEDIUM This Month

GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Graphicsmagick Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2017-13061 MEDIUM This Month

In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-13062 MEDIUM This Month

In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-13060 MEDIUM This Month

In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-13059 MEDIUM This Month

In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-13058 MEDIUM This Month

In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-12843 MEDIUM This Month

Cyrus IMAP before 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted (1) SYNCAPPLY, (2) SYNCGET or (3) SYNCRESTORE command. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cyrus Imap Fedora
NVD GitHub
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-13066 MEDIUM This Month

GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Graphicsmagick
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2014-6189 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM Security Network Protection 3100, 4100, 5100, and 7100 devices with firmware 5.2 before 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0008 and 5.3 before 5.3.0.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS IBM Security Network Protection 4100 Firmware Security Network Protection 3100 Firmware Security Network Protection 5100 Firmware +1
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-6310 MEDIUM This Month

oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Enterprise Virtualization
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-6311 MEDIUM This Month

Get requests in JBoss Enterprise Application Platform (EAP) 7 disclose internal IP addresses to remote attackers. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Jboss Enterprise Application Platform
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-2102 MEDIUM This Month

HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Haproxy
NVD
CVSS 3.0
5.3
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy