Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-22 | CVE-2017-13064 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. | 6.5 |
| 2017-08-22 | CVE-2017-13063 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. | 6.5 |
| 2017-08-22 | CVE-2017-13062 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.66 In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file. | 6.5 |
| 2017-08-22 | CVE-2017-13061 | Improper Input Validation vulnerability in Imagemagick 7.0.65 In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file. | 6.5 |
| 2017-08-22 | CVE-2017-13060 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.65 In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-08-22 | CVE-2017-13059 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.66 In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file. | 6.5 |
| 2017-08-22 | CVE-2017-13058 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.66 In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-08-21 | CVE-2017-7424 | Path Traversal vulnerability in Microfocus Enterprise Developer and Enterprise Server A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote authenticated users to download arbitrary files from a system running the product, if this component is configured. | 6.5 |
| 2017-08-21 | CVE-2017-7422 | Cross-site Scripting vulnerability in Microfocus Enterprise Developer and Enterprise Server Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow remote authenticated attackers to bypass protection mechanisms (CWE-693) and other security features, if this component is configured. | 5.4 |
| 2017-08-21 | CVE-2017-7421 | Cross-site Scripting vulnerability in Microfocus products Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in Directory Server (aka Enterprise Server Administration web UI) and ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow remote authenticated attackers to bypass protection mechanisms (CWE-693) and other security features. | 6.1 |