CVE-2017-13768
- EPSS 2.07%
- Veröffentlicht 30.08.2017 09:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
CVE-2017-13769
- EPSS 1.4%
- Veröffentlicht 30.08.2017 09:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.
CVE-2017-12877
- EPSS 2.29%
- Veröffentlicht 28.08.2017 19:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
CVE-2014-9637
- EPSS 2.37%
- Veröffentlicht 25.08.2017 18:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.
CVE-2015-1324
- EPSS 0.36%
- Veröffentlicht 25.08.2017 18:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local user...
- EPSS 0.94%
- Veröffentlicht 25.08.2017 18:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LT...
CVE-2015-1395
- EPSS 11.2%
- Veröffentlicht 25.08.2017 18:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
CVE-2017-12836
- EPSS 5.97%
- Veröffentlicht 24.08.2017 14:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."
CVE-2017-13139
- EPSS 3.82%
- Veröffentlicht 23.08.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
CVE-2017-13145
- EPSS 1.57%
- Veröffentlicht 23.08.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.