CVE-2018-7590

CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in account creation.

Source: CVE-2018-7590

CVE-2017-18212

An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex frunction in lit/lit-char-helpers.c via a RegExp("[x0"); payload.

Source: CVE-2017-18212

CVE-2018-7589

An issue was discovered in CImg v.220. A double free in load_bmp in CImg.h occurs when loading a crafted bmp image.

Source: CVE-2018-7589

CVE-2018-7586

In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery paths are not secured.

Source: CVE-2018-7586

CVE-2018-7588

An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image.

Source: CVE-2018-7588

CVE-2018-7587

An issue was discovered in CImg v.220. DoS occurs when loading a crafted bmp image that triggers an allocation failure in load_bmp in CImg.h.

Source: CVE-2018-7587

CVE-2018-7049

An issue was discovered in Wowza Streaming Engine before 4.7.1. There is an XSS vulnerability in the HTTP providers (com.wowza.wms.http.HTTPProviderMediaList and com.wowza.wms.http.streammanager.HTTPStreamManager) causing script injection and/or reflection via a crafted HTTP request.

Source: CVE-2018-7049

CVE-2018-7048

An issue was discovered in Wowza Streaming Engine before 4.7.1. There is a denial of service (memory consumption) via a crafted HTTP request.

Source: CVE-2018-7048

CVE-2017-18210

In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked.

Source: CVE-2017-18210

CVE-2017-18211

In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel.

Source: CVE-2017-18211