CVSS: 9.8EPSS: 1%CPEs: 11EXPL: 0CVE-2014-9841
https://notcve.org/view.php?id=CVE-2014-9841
The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions." La función ReadPSDLayers en coders/psd.c en ImageMagick 6.8.9.9 permite a atacantes remotos tener impacto no especificado a través de vectores desconocidos, relacionado con "lanzamiento de excepciones". • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://www.openwall.com/lists/oss-security/2016/06/02/13 http://www.ubuntu.com/usn/USN-3131-1 https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f9ef11671c41da4cf973d0d880af1cdfbd127860 https://bugzilla.redhat. • CWE-388: 7PK - Errors •
CVSS: 7.5EPSS: 2%CPEs: 17EXPL: 0CVE-2014-9848
https://notcve.org/view.php?id=CVE-2014-9848
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). Fuga de memoria en ImageMagick permite a atacantes remotos provocar una denegación de servicio (consumo de memoria). • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00093.html http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html http://www.openwall.com/lists/oss-security/2016/06/02/13 http://www.ubuntu.com/usn/USN-3131-1 https://bugzilla.redhat& • CWE-399: Resource Management Errors •
CVSS: 3.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-5930 – Postfixadmin Protected Alias Deletion
https://notcve.org/view.php?id=CVE-2017-5930
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check. El componente AliasHandler en PostfixAdmin en versiones anteriores a 3.0.2 permiten a los administradores de dominio autenticados remotos eliminar alias protegidos a través del parámetro delete para delete.php, implicando un cheque de permiso desaparecido. Postfixadmin installations between 2.91 and 3.0.1 do not check if an admin is allowed to delete protected aliases. This vulnerability can be used to redirect protected aliases to an other mail address. Eg. rewrite the postmaster@domain alias. • http://lists.opensuse.org/opensuse-updates/2017-02/msg00076.html http://www.openwall.com/lists/oss-security/2017/02/08/1 http://www.openwall.com/lists/oss-security/2017/02/09/1 http://www.securityfocus.com/bid/96142 https://github.com/postfixadmin/postfixadmin/blob/postfixadmin-3.0.2/CHANGELOG.TXT https://github.com/postfixadmin/postfixadmin/pull/23 https://sourceforge.net/p/postfixadmin/mailman/message/35646827 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6318
https://notcve.org/view.php?id=CVE-2017-6318
saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet. saned en sane-backends 1.0.25 permite a atacantes remotos obtener información sensible de la memoria a través de un paquete SANE_NET_CONTROL_OPTION manipulado. • http://lists.alioth.debian.org/pipermail/sane-devel/2017-February/035054.html http://lists.alioth.debian.org/pipermail/sane-devel/2017-February/035059.html http://lists.opensuse.org/opensuse-updates/2017-03/msg00016.html http://www.securityfocus.com/bid/97028 https://alioth.debian.org/tracker/index.php?func=detail&aid=315576 https://lists.alioth.debian.org/pipermail/sane-devel/2017-February/035029.html https://usn.ubuntu.com/4470-1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 0CVE-2014-9842
https://notcve.org/view.php?id=CVE-2014-9842
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. Fuga de memoria en la función ReadPSDLayers en coders/psd.c en ImageMagick 6.8.9.9 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://www.openwall.com/lists/oss-security/2016/06/02/13 https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f9ef11671c41da4cf973d0d880af1cdfbd12786 • CWE-400: Uncontrolled Resource Consumption •