CVE-2017-1000115
- EPSS 4.82%
- Veröffentlicht 05.10.2017 01:29:04
- Zuletzt bearbeitet 13.05.2026 00:24:29
Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository
- EPSS 5.73%
- Veröffentlicht 05.10.2017 01:29:04
- Zuletzt bearbeitet 13.05.2026 00:24:29
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.
CVE-2017-14994
- EPSS 2.88%
- Veröffentlicht 04.10.2017 01:29:03
- Zuletzt bearbeitet 13.05.2026 00:24:29
ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames...
CVE-2017-14997
- EPSS 3.39%
- Veröffentlicht 04.10.2017 01:29:03
- Zuletzt bearbeitet 13.05.2026 00:24:29
GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.
CVE-2017-12166
- EPSS 3.63%
- Veröffentlicht 04.10.2017 01:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.
CVE-2017-12617
- EPSS 99.99%
- Veröffentlicht 04.10.2017 01:29:02
- Zuletzt bearbeitet 21.04.2026 17:03:52
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload ...
CVE-2017-14491
- EPSS 84.93%
- Veröffentlicht 04.10.2017 01:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
CVE-2017-14990
- EPSS 1.76%
- Veröffentlicht 03.10.2017 01:29:03
- Zuletzt bearbeitet 13.05.2026 00:24:29
WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database rea...
CVE-2017-14492
- EPSS 93.31%
- Veröffentlicht 03.10.2017 01:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
CVE-2017-14493
- EPSS 83.64%
- Veröffentlicht 03.10.2017 01:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.