Otwarty Bugtraq


2017-11-22
Low
2017-11-21
Low
Low
Med.
Med.
Med.
Low
Med.
Low
2017-11-20
Med.
Med.
2017-11-19
Med.
2017-11-18
Med.


Ostatnie CVE

2017-11-06
CVE-2017-16547 Graphicsmagick Graphicsmagick
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file.

2017-11-05
CVE-2017-16545 Graphicsmagick Graphicsmagick
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image.

CVE-2017-16546 Imagemagick Imagemagick
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.

2017-11-03
CVE-2017-16522 Mitrastar Dsl-100hn-t1 firmware
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote authenticated users to obtain root access by specifying /bin/sh as the command to execute.

CVE-2017-16523 Mitrastar Dsl-100hn-t1 firmware
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices have a zyad1234 password for the zyad1234 account, which is equivalent to root and undocumented.

CVE-2017-1000131 Mahara Mahara
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to users staying logged in to their Mahara account even when they have been logged out of Moodle (when using MNet) as Mahara did not properly implement one of the MNet SSO API functions.

CVE-2017-1000132 Mahara Mahara
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to a maliciously created .swf files that can have its code executed when a user tries to download the file.

CVE-2017-1000133 Mahara Mahara
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to a user - in some circumstances causing another user's artefacts to be included in a Leap2a export of their own pages.

CVE-2017-1000134 Mahara Mahara
Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are vulnerable because group members can lose access to the group files they uploaded if another group member changes the access permissions on them.

CVE-2017-1000135 Mahara Mahara
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable as logged-in users can stay logged in after the institution they belong to is suspended.


Dorks


2017-11-20
Med.
Informacion - Anonymous
2017-11-18
Med.
MrTuRkIsH
2017-11-17
Med.
Xresponse
2017-11-13
Low
IRANIAN ETHICAL HACKERS
Med.
IRANIAN ETHICAL HACKERS

Copyright 2017, cxsecurity.com

 

Back to Top