Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-07-26 | CVE-2017-9619 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Ghostscript Ghostxps 9.21 The xps_true_callback_glyph_name function in xps/xpsttf.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (Segmentation Violation and application crash) via a crafted file. | 7.8 |
2017-07-26 | CVE-2017-9618 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Ghostscript Ghostxps 9.21 The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted document. | 7.8 |
2017-07-26 | CVE-2017-9612 | Use After Free vulnerability in multiple products The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document. | 7.8 |
2017-07-26 | CVE-2017-9611 | Out-of-bounds Read vulnerability in multiple products The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | 7.8 |
2017-07-26 | CVE-2017-9610 | Out-of-bounds Read vulnerability in Artifex Ghostscript Ghostxps 9.21 The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | 7.8 |
2017-07-26 | CVE-2017-11658 | Path Traversal vulnerability in Wp-Rocket In the WP Rocket plugin 2.9.3 for WordPress, the Local File Inclusion mitigation technique is to trim traversal characters (..) -- however, this is insufficient to stop remote attacks and can be bypassed by using 0x00 bytes, as demonstrated by a .%00.../.%00.../ attack. | 7.5 |
2017-07-26 | CVE-2017-11615 | Unspecified vulnerability in Factorio A sandbox escape in the Lua interface in Wube Factorio before 0.15.31 allows remote game servers or user-assisted attackers to execute arbitrary C code by including and loading a C library. | 8.6 |
2017-07-26 | CVE-2017-11655 | Missing Release of Resource after Effective Lifetime vulnerability in Sipcrack Project Sipcrack 0.2 A memory leak was found in the way SIPcrack 0.2 handled processing of SIP traffic, because a lines array was mismanaged. | 7.5 |
2017-07-26 | CVE-2017-6005 | Unspecified vulnerability in Waves Maxxaudio 1.1.6.0 Waves MaxxAudio, as installed on Dell laptops, adds a "WavesSysSvc" Windows service with File Version 1.1.6.0. | 7.0 |
2017-07-26 | CVE-2017-11642 | NULL Pointer Dereference vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638. | 8.8 |