Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-08-04 CVE-2017-12449 Out-of-bounds Read vulnerability in GNU Binutils
The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file.
local
low complexity
gnu CWE-125
7.8
2017-08-04 CVE-2017-12448 Use After Free vulnerability in GNU Binutils
The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file.
local
low complexity
gnu CWE-416
7.8
2017-08-04 CVE-2017-10949 Path Traversal vulnerability in Dell Storage Manager 2016 R2.1
Directory Traversal in Dell Storage Manager 2016 R2.1 causes Information Disclosure when the doGet method of the EmWebsiteServlet class doesn't properly validate user provided path before using it in file operations.
network
low complexity
dell CWE-22
7.5
2017-08-04 CVE-2017-11657 Untrusted Search Path vulnerability in Dashlane
Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory.
local
low complexity
dashlane CWE-426
7.3
2017-08-04 CVE-2017-12435 Allocation of Resources Without Limits or Throttling vulnerability in Imagemagick 7.0.61
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service.
network
low complexity
imagemagick CWE-770
7.5
2017-08-04 CVE-2017-12430 Allocation of Resources Without Limits or Throttling vulnerability in Imagemagick 7.0.61
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service.
network
low complexity
imagemagick CWE-770
7.5
2017-08-04 CVE-2017-12429 Allocation of Resources Without Limits or Throttling vulnerability in Imagemagick 7.0.61
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service.
network
low complexity
imagemagick CWE-770
7.5
2017-08-04 CVE-2017-12428 Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.61
In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service in CloneDrawInfo in draw.c.
network
low complexity
imagemagick CWE-772
7.5
2017-08-04 CVE-2017-12425 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2.
7.5
2017-08-04 CVE-2017-12418 Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.65
ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c.
network
low complexity
imagemagick CWE-772
7.5