Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-04-09 CVE-2017-7602 Integer Overflow or Wraparound vulnerability in Libtiff 4.0.7
LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
libtiff CWE-190
7.8
2017-04-09 CVE-2017-7601 Improper Input Validation vulnerability in Libtiff 4.0.7
LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
libtiff CWE-20
7.8
2017-04-09 CVE-2017-7600 Improper Input Validation vulnerability in Libtiff 4.0.7
LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
libtiff CWE-20
7.8
2017-04-09 CVE-2017-7599 Improper Input Validation vulnerability in Libtiff 4.0.7
LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
libtiff CWE-20
7.8
2017-04-09 CVE-2017-7598 Divide By Zero vulnerability in Libtiff 4.0.7
tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.
local
low complexity
libtiff CWE-369
7.8
2017-04-09 CVE-2017-7597 Improper Input Validation vulnerability in Libtiff 4.0.7
tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
libtiff CWE-20
7.8
2017-04-09 CVE-2017-7596 Improper Input Validation vulnerability in Libtiff 4.0.7
LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
libtiff CWE-20
7.8
2017-04-09 CVE-2017-7592 Improper Input Validation vulnerability in Libtiff 4.0.7
The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
libtiff CWE-20
7.8
2017-04-07 CVE-2017-6033 Uncontrolled Search Path Element vulnerability in Schneider-Electric Interactive Graphical Scada System 10.0/12.0/9.0
A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions.
local
low complexity
schneider-electric CWE-427
7.8
2017-04-07 CVE-2017-6019 Resource Exhaustion vulnerability in Schneider-Electric Conext Combox 865-1058 Firmware 3.03
An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830.
network
low complexity
schneider-electric CWE-400
7.5