CVE-2017-18027
- EPSS 3.05%
- Veröffentlicht 12.01.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:19:12
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2017-18028
- EPSS 1.72%
- Veröffentlicht 12.01.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:19:12
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2017-18029
- EPSS 4%
- Veröffentlicht 12.01.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:19:12
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
CVE-2018-5344
- EPSS 0.37%
- Veröffentlicht 12.01.2018 09:29:00
- Zuletzt bearbeitet 21.11.2024 04:08:37
In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.
CVE-2018-5357
- EPSS 3.69%
- Veröffentlicht 12.01.2018 09:29:00
- Zuletzt bearbeitet 21.11.2024 04:08:38
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.
CVE-2018-5358
- EPSS 1.69%
- Veröffentlicht 12.01.2018 09:29:00
- Zuletzt bearbeitet 21.11.2024 04:08:38
ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.
CVE-2018-5345
- EPSS 2.19%
- Veröffentlicht 12.01.2018 00:29:00
- Zuletzt bearbeitet 21.11.2024 04:08:37
A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file.
CVE-2018-5332
- EPSS 0.43%
- Veröffentlicht 11.01.2018 07:29:00
- Zuletzt bearbeitet 21.11.2024 04:08:35
In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
CVE-2018-5333
- EPSS 7.68%
- Veröffentlicht 11.01.2018 07:29:00
- Zuletzt bearbeitet 21.11.2024 04:08:36
In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.
CVE-2017-15129
- EPSS 0.36%
- Veröffentlicht 09.01.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:14:07
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in ne...