Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-07 | CVE-2017-12600 | Unspecified vulnerability in Opencv OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (CPU consumption) issue, as demonstrated by the 11-opencv-dos-cpu-exhaust test case. | 7.5 |
| 2017-08-07 | CVE-2017-12599 | Out-of-bounds Read vulnerability in multiple products OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an image file by using cv::imread. | 8.8 |
| 2017-08-07 | CVE-2017-12598 | Out-of-bounds Read vulnerability in multiple products OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case. | 8.8 |
| 2017-08-07 | CVE-2017-12597 | Out-of-bounds Write vulnerability in multiple products OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. | 8.8 |
| 2017-08-07 | CVE-2017-12596 | Out-of-bounds Read vulnerability in Openexr 2.2.0 In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly unspecified other impact. | 7.8 |
| 2017-08-06 | CVE-2017-10677 | Cross-Site Request Forgery (CSRF) vulnerability in Linksys Ea4500 Firmware 2.0.36 Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices with Firmware Version before 2.1.41.164606, as demonstrated by a request to apply.cgi to disable SIP. | 8.8 |
| 2017-08-06 | CVE-2017-12587 | Excessive Iteration vulnerability in Imagemagick 7.0.61 ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c. | 8.8 |
| 2017-08-06 | CVE-2017-12480 | Untrusted Search Path vulnerability in Sandboxie Installer 5071703 Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan horse dwmapi.dll or profapi.dll file in an AppData\Local\Temp directory. | 7.8 |
| 2017-08-06 | CVE-2017-12585 | SQL Injection vulnerability in Slims Akasia SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_handler.php (tableName and tableFields parameters), admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php. | 8.8 |
| 2017-08-06 | CVE-2017-12584 | Cross-Site Request Forgery (CSRF) vulnerability in Slims Senayan Library Management System There is no CSRF mitigation in SLiMS 8 Akasia through 8.3.1. | 8.8 |