Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-02 | CVE-2017-9409 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.55 In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file. | 6.5 |
| 2017-06-02 | CVE-2017-9408 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-06-02 | CVE-2017-9407 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.55 In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file. | 6.5 |
| 2017-06-02 | CVE-2017-9406 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-06-02 | CVE-2017-9405 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.55 In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file. | 6.5 |
| 2017-06-02 | CVE-2017-9404 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tif_ojpeg.c, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-06-02 | CVE-2017-9403 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tif_dirread.c, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-06-02 | CVE-2017-0896 | Missing Authorization vulnerability in Zulip Server Zulip Server 1.5.1 and below suffer from an error in the implementation of the invite_by_admins_only setting in the Zulip group chat application server that allowed an authenticated user to invite other users to join a Zulip organization even if the organization was configured to prevent this. | 6.5 |
| 2017-06-02 | CVE-2017-9380 | Unrestricted Upload of File with Dangerous Type vulnerability in Open-Emr Openemr OpenEMR 5.0.0 and prior allows low-privilege users to upload files of dangerous types which can result in arbitrary code execution within the context of the vulnerable application. | 8.8 |
| 2017-06-02 | CVE-2017-9379 | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS Multiple CSRF issues exist in BigTree CMS through 4.2.18 - the clear parameter to core\admin\modules\dashboard\vitals-statistics\404\clear.php and the from or to parameter to core\admin\modules\dashboard\vitals-statistics\404\create-301.php. | 8.8 |