Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-09-11 | CVE-2017-14257 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bento4 1.5.0616. In the SDK in Bento4 1.5.0-616, AP4_AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp contains a Read Memory Access Violation vulnerability. | 7.8 |
2017-09-11 | CVE-2017-14251 | Unrestricted Upload of File with Dangerous Type vulnerability in Typo3. Unrestricted File Upload vulnerability in the fileDenyPattern in sysext/core/Classes/Core/SystemEnvironmentBuilder.php in TYPO3 7.6.0 to 7.6.21 and 8.0.0 to 8.7.4 allows remote authenticated users to upload files with a .pht extension and consequently execute arbitrary PHP code. | 8.8 |
2017-09-11 | CVE-2017-14240 | Information Exposure vulnerability in Dolibarr 6.0.0. There is a sensitive information disclosure vulnerability in document.php in Dolibarr ERP/CRM version 6.0.0 via the file parameter. | 7.5 |
2017-09-09 | CVE-2017-14229 | Infinite Loop vulnerability in Jasper Project Jasper 2.0.13. There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. | 7.5 |
2017-09-09 | CVE-2017-14227 | Out-of-bounds Read vulnerability in Mongodb 1.7.0. In MongoDB libbson 1.7.0, the bson_iter_codewscope function in bson-iter.c miscalculates a bson_utf8_validate length argument, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the bson_utf8_validate function in bson-utf8.c), as demonstrated by bson-to-json.c. | 7.5 |
2017-09-09 | CVE-2017-14226 | Out-of-bounds Read vulnerability in multiple products. WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). | 7.5 |
2017-09-09 | CVE-2017-14225 | NULL Pointer Dereference vulnerability in Ffmpeg 3.3.3. The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers do not anticipate this, as demonstrated by the avcodec_string function in libavcodec/utils.c, leading to a NULL pointer dereference. | 8.8 |
2017-09-09 | CVE-2017-14224 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 7.0.68. A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file. | 8.8 |
2017-09-09 | CVE-2017-12699 | Incorrect Default Permissions vulnerability in Azeotech Daqfactory. An Incorrect Default Permissions issue was discovered in AzeoTech DAQFactory versions prior to 17.1. | 7.1 |
2017-09-08 | CVE-2017-0804 | Unspecified vulnerability in Google Android. An elevation of privilege vulnerability in the MediaTek mmc driver. | 7.8 |