Lucene search
K

94 matches found

NVD
NVD
added 2018/01/12 11:29 p.m.12 views

CVE-2017-0855

In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. This could lead to remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not need...

7.8CVSS7.4AI score0.0173EPSS
Exploits0References3
CVE
CVE
added 2018/01/12 11:0 p.m.56 views

CVE-2017-0855

CVE-2017-0855 affects Android’s Media Framework in MPEG4Extractor.cpp, where several paths return early without cleaning up internal buffers, leading to memory leaks. The impact is remote denial of service of a privileged process without extra privileges or user interaction. Affected Android vers...

7.8CVSS7.4AI score0.0173EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/05/11 2:1 p.m.9 views

CVE-2004-0855

...

Exploits0
OSV
OSV
added 2017/03/23 8:59 p.m.2 views

DEBIAN-CVE-2015-0855

The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...

9.8CVSS9.1AI score0.03236EPSS
Exploits0References1
OSV
OSV
added 2017/03/23 8:59 p.m.5 views

CVE-2015-0855

The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...

9.8CVSS9.6AI score
Exploits0References9
Cvelist
Cvelist
added 2017/03/23 8:0 p.m.22 views

CVE-2015-0855

The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...

9.7AI score0.03236EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2017/03/23 8:0 p.m.20 views

CVE-2015-0855

The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...

10CVSS9.7AI score0.03236EPSS
Exploits0
CVE
CVE
added 2017/03/23 8:0 p.m.46 views

CVE-2015-0855

CVE-2015-0855 affects Pitivi prior to version 0.95, where the _mediaLibraryPlayCb function in pitivi/mainwindow.py can be abused to execute arbitrary OS commands via shell metacharacters in a file path. Multiple advisories (Debian, OpenSUSE, Fedora, Mageia, Ubuntu-related updates) acknowledge thi...

10CVSS9.6AI score0.03236EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/05/18 12:0 a.m.62 views

Oracle Linux 6 : kernel (ELSA-2016-0855)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0855 advisory. - x86 kernel: espfix not working for 32-bit KVM paravirt guests Jacob Tanenbaum 1172767 CVE-2014-8134 - x86 nmi/64: Fix a paravirt stack-clobbering bug...

7.2CVSS6.8AI score0.03693EPSS
Exploits1References10
Check Point Advisories
Check Point Advisories
added 2016/05/15 12:0 a.m.7 views

Advantech WebAccess SCADA Dashboard Directory Traversal (CVE-2016-0855)

A directory traversal vulnerability has been reported in the Dashboard component of Advantech WebAccess. The vulnerability is due to insufficient input validation within the openWidget, removeFolder or removeFile methods in the FileAjaxAction script. A remote, unauthenticated attacker could explo...

5CVSS7.6AI score0.04693EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/01/25 12:0 a.m.16 views

openSUSE Security Update : pitivi (openSUSE-2016-14)

This update for pitivi fixes the following issues : - CVE-2015-0855: 'Insecure use of os.system' boo960339 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2016-14. The text descriptio...

10CVSS8.2AI score0.03236EPSS
Exploits0References2
CVE
CVE
added 2016/01/15 2:0 a.m.67 views

CVE-2016-0855

CVE-2016-0855 concerns Advantech WebAccess (pre-8.1). The vulnerability is a directory traversal in the WebAccess Dashboard/Viewer that could allow remote attackers to list arbitrary files in a virtual directory via unspecified vectors. Public references from ZDI describe related dashboard viewer...

7.5CVSS7.4AI score0.04693EPSS
Exploits0References6Affected Software1
Mageia
Mageia
added 2016/01/09 5:8 p.m.28 views

Updated pitivi packages fix security vulnerability

In pitivi before 0.95, double-clicking a file in the user's media library with a specially-crafted path or filename allows for arbitrary code execution with the permissions of the user running Pitivi CVE-2015-0855...

10CVSS9.6AI score0.03236EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/10/08 12:0 a.m.53 views

Oracle: Security Advisory (ELSA-2008-0855)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.7AI score0.02674EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2014/03/31 12:0 a.m.6 views

IBM WebSphere Application Server Cross-Site Scripting - Ver2 (CVE-2009-0855)

A cross-site scripting vulnerability has been reported in IBM WebSphere Application Server. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS5.7AI score0.05979EPSS
Exploits1
CVE
CVE
added 2014/02/14 2:0 a.m.36 views

CVE-2014-0855

CVE-2014-0855 affects IBM Connections Portlets for WebSphere Portal (IBM WebSphere Portal 7.0.0.2 and 8.0.0.1) with Portlets 4.x prior to 4.5.1 FP1. The vulnerability is described as a reflected XSS in the Portlets, allowing remote attackers to inject arbitrary script/HTML via unspecified vectors...

4.3CVSS5.7AI score0.00931EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2013/12/07 9:0 p.m.50 views

CVE-2013-0855

CVE-2013-0855 affects FFmpeg’s libavcodec/alac.c alac_decode_close. Affected: FFmpeg before 1.1. Triggered by a large number of ALAC samples per frame, causing an out-of-bounds access. Impact is unspecified in the sources. Mitigation: upgrade FFmpeg to 1.1 or later (or apply vendor-specific patch...

9.3CVSS6.7AI score0.02968EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2012/08/27 11:55 p.m.18 views

CVE-2012-0855

Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...

5CVSS7AI score0.01765EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2012/08/27 11:55 p.m.35 views

CVE-2012-0855

Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...

5CVSS6.1AI score0.01765EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2012/08/27 11:0 p.m.24 views

CVE-2012-0855

Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...

5CVSS7.1AI score0.01765EPSS
Exploits0
Rows per page
Query Builder