Shodan
Vulnerabilities
Vulnerable Software
Canonical:  >> Ubuntu Linux  >> 17.10  Security Vulnerabilities
CVE-2017-15032
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
CVSS Score
9.8
EPSS Score
0.003
Published
2017-10-05
CVE-2017-15033
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-10-05
CVE-2017-15017
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.
CVSS Score
8.8
EPSS Score
0.003
Published
2017-10-05
CVE-2017-15015
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.
CVSS Score
8.8
EPSS Score
0.003
Published
2017-10-05
CVE-2017-15016
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.
CVSS Score
8.8
EPSS Score
0.003
Published
2017-10-05
CVE-2017-12617
Known exploited
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVSS Score
8.1
EPSS Score
0.944
Published
2017-10-04
CVE-2017-14632
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
CVSS Score
9.8
EPSS Score
0.065
Published
2017-09-21
CVE-2017-14633
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis().
CVSS Score
6.5
EPSS Score
0.01
Published
2017-09-21
CVE-2017-14626
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
CVSS Score
9.8
EPSS Score
0.011
Published
2017-09-21
CVE-2017-14624
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
CVSS Score
9.8
EPSS Score
0.015
Published
2017-09-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved