CVE-2017-17784
- EPSS 1.46%
- Veröffentlicht 20.12.2017 09:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.
CVE-2017-17785
- EPSS 1.15%
- Veröffentlicht 20.12.2017 09:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.
CVE-2017-17680
- EPSS 2.3%
- Veröffentlicht 14.12.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file.
CVE-2017-17681
- EPSS 2.98%
- Veröffentlicht 14.12.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.
CVE-2017-17682
- EPSS 2.98%
- Veröffentlicht 14.12.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call.
CVE-2017-17669
- EPSS 1.6%
- Veröffentlicht 13.12.2017 22:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack.
CVE-2017-1000407
- EPSS 1.22%
- Veröffentlicht 11.12.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
CVE-2017-17499
- EPSS 3.31%
- Veröffentlicht 11.12.2017 02:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
CVE-2017-17504
- EPSS 1.61%
- Veröffentlicht 11.12.2017 02:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
CVE-2017-17480
- EPSS 5.14%
- Veröffentlicht 08.12.2017 19:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.