Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27110 of 28407

CVE-2017-12867

Posted by Cyberthreat Blog | Aug 29, 2017 | CVE Notifications |

The SimpleSAML_Auth_TimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset.

CVE-2017-12763

Posted by Cyberthreat Blog | Aug 29, 2017 | CVE Notifications |

An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files.

CVE-2017-12797

Posted by Cyberthreat Blog | Aug 29, 2017 | CVE Notifications |

Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which triggers a heap-based buffer...

CVE-2017-12422

Posted by Cyberthreat Blog | Aug 29, 2017 | CVE Notifications |

NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10.4.0.2 allow remote authenticated users to delete arbitrary objects via unspecified vectors.

CVE-2017-12875

Posted by Cyberthreat Blog | Aug 29, 2017 | CVE Notifications |

The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file.

Author: Cyberthreat Blog

CVE-2017-12867

CVE-2017-12763

CVE-2017-12797

CVE-2017-12422

CVE-2017-12875