Max CVSS 10.0 Min CVSS 4.0 Total Count65
IDCVSSSummaryLast (major) updatePublished
CVE-2017-15105 5.0
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound int
23-01-2018 - 11:29 23-01-2018 - 11:29
CVE-2018-2703 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacke
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2696 7.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows unauthenticated attack
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2668 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged at
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2667 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multipl
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2665 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged at
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2647 7.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with net
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2646 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2645 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker w
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2640 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged at
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2622 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2612 7.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access v
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2600 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multipl
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2591 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows high privileged attacker with netw
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2590 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker w
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2586 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2583 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with networ
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2576 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2573 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network acce
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2565 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple p
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-2562 7.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged a
17-01-2018 - 21:29 17-01-2018 - 21:29
CVE-2018-5712 4.3
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.
16-01-2018 - 04:29 16-01-2018 - 04:29
CVE-2018-5704 9.3
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a cra
16-01-2018 - 04:29 16-01-2018 - 04:29
CVE-2018-0486 6.4
Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct im
13-01-2018 - 13:29 13-01-2018 - 13:29
CVE-2018-5247 4.3
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
05-01-2018 - 14:29 05-01-2018 - 14:29
CVE-2018-5246 4.3
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
05-01-2018 - 14:29 05-01-2018 - 14:29
CVE-2017-18022 4.3
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
05-01-2018 - 14:29 05-01-2018 - 14:29
CVE-2017-5753 4.7
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
04-01-2018 - 08:29 04-01-2018 - 08:29
CVE-2017-5715 4.7
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
04-01-2018 - 08:29 04-01-2018 - 08:29
CVE-2017-1000480 7.5
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.
03-01-2018 - 13:29 03-01-2018 - 13:29
CVE-2017-1000501 7.5
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.
03-01-2018 - 10:29 03-01-2018 - 10:29
CVE-2017-17881 4.3
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file.
27-12-2017 - 12:08 27-12-2017 - 12:08
CVE-2017-1000407 6.1
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
11-12-2017 - 16:29 11-12-2017 - 16:29
CVE-2017-8817 7.5
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.
29-11-2017 - 13:29 29-11-2017 - 13:29
CVE-2017-8816 7.5
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via
29-11-2017 - 13:29 29-11-2017 - 13:29
CVE-2017-12636 9.0
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB bef
14-11-2017 - 15:29 14-11-2017 - 15:29
CVE-2017-12635 10.0
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the data
14-11-2017 - 15:29 14-11-2017 - 15:29
CVE-2017-12629 7.5
Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is N
14-10-2017 - 19:29 14-10-2017 - 19:29
CVE-2017-14533 4.3
ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.
17-09-2017 - 21:29 17-09-2017 - 21:29
CVE-2017-14326 4.3
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
12-09-2017 - 04:29 12-09-2017 - 04:29
CVE-2017-6362 5.0
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
07-09-2017 - 09:29 07-09-2017 - 09:29
CVE-2017-13733 4.3
There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13732 4.3
There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13731 4.3
There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13730 4.3
There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13729 4.3
There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13728 4.3
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13658 4.3
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/i
24-08-2017 - 02:29 24-08-2017 - 02:29
CVE-2017-13648 4.3
In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.
23-08-2017 - 17:29 23-08-2017 - 17:29
CVE-2017-12904 9.3
Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its t
23-08-2017 - 10:29 23-08-2017 - 10:29
CVE-2017-13146 6.8
In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
23-08-2017 - 02:29 23-08-2017 - 02:29
CVE-2017-13060 4.3
In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
22-08-2017 - 02:29 22-08-2017 - 02:29
CVE-2017-12675 4.3
In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the function ReadImage in MagickCore/constitute.c, which allows attackers to cause a denial of service.
07-08-2017 - 17:29 07-08-2017 - 17:29
CVE-2017-12672 4.3
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
07-08-2017 - 17:29 07-08-2017 - 17:29
CVE-2017-12670 4.3
In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service.
07-08-2017 - 17:29 07-08-2017 - 17:29
CVE-2017-12667 6.8
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c.
07-08-2017 - 17:29 07-08-2017 - 17:29
CVE-2017-12564 4.3
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
05-08-2017 - 14:29 05-08-2017 - 14:29
CVE-2017-12434 4.3
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c.
04-08-2017 - 06:29 04-08-2017 - 06:29
CVE-2017-11724 4.3
The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the quantum_info and clone_info data structures.
29-07-2017 - 01:29 29-07-2017 - 01:29
CVE-2017-11644 4.3
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c.
26-07-2017 - 04:29 26-07-2017 - 04:29
CVE-2017-11529 4.3
The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
22-07-2017 - 23:29 22-07-2017 - 23:29
CVE-2017-11141 7.1
The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call.
09-07-2017 - 23:29 09-07-2017 - 23:29
CVE-2017-10800 4.3
When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.
02-07-2017 - 21:29 02-07-2017 - 21:29
CVE-2017-10672 7.5
Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call.
29-06-2017 - 04:29 29-06-2017 - 04:29
CVE-2016-10369 4.6
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).
08-05-2017 - 14:29 08-05-2017 - 14:29
Back to Top Mark selected
Back to Top