CVE-2017-6814
- EPSS 3.02%
- Veröffentlicht 12.03.2017 01:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In WordPress before 4.7.3, there is authenticated Cross-Site Scripting (XSS) via Media File Metadata. This is demonstrated by both (1) mishandling of the playlist shortcode in the wp_playlist_shortcode function in wp-includes/media.php and (2) mishan...
CVE-2017-6815
- EPSS 3%
- Veröffentlicht 12.03.2017 01:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In WordPress before 4.7.3 (wp-includes/pluggable.php), control characters can trick redirect URL validation.
CVE-2017-6816
- EPSS 3.12%
- Veröffentlicht 12.03.2017 01:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can be deleted by administrators using the plugin deletion functionality.
CVE-2017-6817
- EPSS 2.09%
- Veröffentlicht 12.03.2017 01:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
CVE-2016-8714
- EPSS 2.4%
- Veröffentlicht 10.03.2017 10:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malic...
CVE-2017-6800
- EPSS 1.72%
- Veröffentlicht 10.03.2017 10:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef.
CVE-2017-6801
- EPSS 1.42%
- Veröffentlicht 10.03.2017 10:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.
CVE-2017-6802
- EPSS 1.42%
- Veröffentlicht 10.03.2017 10:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef.
CVE-2017-6312
- EPSS 2.02%
- Veröffentlicht 10.03.2017 02:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to co...
CVE-2017-6313
- EPSS 1.94%
- Veröffentlicht 10.03.2017 02:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.