Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-12-11 CVE-2017-17512 Injection vulnerability in Sensible-Utils Project Sensible-Utils
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument.
network
low complexity
sensible-utils-project CWE-74
8.8
2017-12-11 CVE-2017-11463 Permission Issues vulnerability in Ivanti Endpoint Manager 2016.4/2017.1/2017.3
In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference leads to referencing/updating objects belonging to other users.
network
low complexity
ivanti CWE-275
8.8
2017-12-11 CVE-2017-17509 Out-of-bounds Write vulnerability in Hdfgroup Hdf5 1.10.1
In HDF5 1.10.1, there is an out-of-bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a.
network
low complexity
hdfgroup CWE-787
8.8
2017-12-11 CVE-2017-17503 Out-of-bounds Read vulnerability in multiple products
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.
network
low complexity
graphicsmagick debian CWE-125
8.8
2017-12-11 CVE-2017-17502 Out-of-bounds Read vulnerability in multiple products
ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.
network
low complexity
graphicsmagick debian CWE-125
8.8
2017-12-11 CVE-2017-17501 Out-of-bounds Read vulnerability in multiple products
WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.
network
low complexity
graphicsmagick debian CWE-125
8.8
2017-12-11 CVE-2017-17500 Out-of-bounds Read vulnerability in multiple products
ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.
network
low complexity
graphicsmagick debian CWE-125
8.8
2017-12-11 CVE-2017-17498 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick 1.3.26
WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
network
low complexity
graphicsmagick CWE-119
8.8
2017-12-10 CVE-2017-17497 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Htacg Tidy 5.7.0
In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows attackers to cause a denial of service (Segmentation Fault), because the currentNode variable in the "children of the head" processing feature is modified in the loop without validating the new value.
network
low complexity
htacg CWE-119
7.5
2017-12-10 CVE-2017-16241 Missing Authentication for Critical Function vulnerability in Amag En-1Dbc Firmware, En-2Dbc Firmware and STD Firmware
Incorrect access control in AMAG Symmetry Door Edge Network Controllers (EN-1DBC Boot App 23611 03.60 and STD App 23603 03.60; EN-2DBC Boot App 24451 01.00 and STD App 2461 01.00) enables remote attackers to execute door controller commands (e.g., lock, unlock, add ID card value) by sending unauthenticated requests to the affected devices via Serial over TCP/IP, as demonstrated by a Ud command.
network
low complexity
amag CWE-306
7.5