Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-20 | CVE-2017-17789 | Out-of-bounds Write vulnerability in multiple products In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c. | 6.8 |
| 2017-12-20 | CVE-2017-17788 | Out-of-bounds Read vulnerability in multiple products In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string. | 4.3 |
| 2017-12-20 | CVE-2017-17787 | Out-of-bounds Read vulnerability in multiple products In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c. | 6.8 |
| 2017-12-20 | CVE-2017-17786 | Out-of-bounds Read vulnerability in multiple products In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image. | 6.8 |
| 2017-12-20 | CVE-2017-17785 | Out-of-bounds Write vulnerability in multiple products In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. | 6.8 |
| 2017-12-20 | CVE-2017-17784 | Out-of-bounds Read vulnerability in multiple products In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data. | 6.8 |
| 2017-12-14 | CVE-2017-17680 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file. | 4.3 |
| 2017-12-13 | CVE-2017-17669 | Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. | 5.5 |
| 2017-12-11 | CVE-2017-1000407 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic. | 6.1 |
| 2017-12-11 | CVE-2017-17504 | Out-of-bounds Read vulnerability in multiple products ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage. | 4.3 |