Security Vulnerabilities - CVEs Published In April 2017
Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information.
CVSS Score
6.5
EPSS Score
0.009
Published
2017-04-20
Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks.
CVSS Score
4.3
EPSS Score
0.007
Published
2017-04-20
LINE for Windows before 4.8.3 allows man-in-the-middle attackers to execute arbitrary code.
CVSS Score
8.1
EPSS Score
0.029
Published
2017-04-20
Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers.
CVSS Score
8.8
EPSS Score
0.024
Published
2017-04-20
coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-04-20
Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-04-20
The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVSS Score
6.5
EPSS Score
0.014
Published
2017-04-20
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file.
CVSS Score
6.5
EPSS Score
0.009
Published
2017-04-20
The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file.
CVSS Score
6.5
EPSS Score
0.008
Published
2017-04-20
Cross-site scripting (XSS) vulnerability in the default exception handler in RESTEasy allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-04-20