Lucene search
+L

126 matches found

CNVD
CNVD
added 2017/06/27 12:0 a.m.50 views

LAME fill_buffer_resample function denial of service vulnerability

LAME is an open source MP3 audio compression software. A security vulnerability in the LAME libmp3lame.a/util.c/fillbufferresample function allows remote attackers to exploit the vulnerability by submitting a special file that induces the user to parse it, which can crash the application...

5.5CVSS6.9AI score0.01441EPSS
Exploits0References1
CNVD
CNVD
added 2017/04/10 12:0 a.m.6 views

Google Android Mediaserver Code Execution Vulnerability (CNVD-2017-04725)

Google Android is a mobile operating system based on the Linux open kernel. Google Android suffers from a security vulnerability in the Mediaserver implementation, which allows remote attackers to exploit the vulnerability to construct special media files and trick users into parsing them, which...

9.3CVSS7.2AI score0.01575EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/23 12:0 a.m.7 views

ImageMagick magick/colormap-private.h file denial of service vulnerability

ImageMagick is a set of open source image processing software. A security vulnerability exists in the ImageMagick magick/colormap-private.h file. An attacker can exploit the vulnerability to submit a special file that will trick the application into parsing it, crashing the application...

7.5CVSS9.1AI score0.02079EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/22 12:0 a.m.5 views

PoDoFo 'ColorChanger::GetColorFromStack' Function Denial of Service Vulnerability

PoDoFo is an open source , written in C++ using the PDF file format library . A denial of service vulnerability exists in PoDoFo's 'ColorChanger::GetColorFromStack' function. Allows a remote attacker to construct a malicious file and trick the user into parsing it, which can crash the application...

5.5CVSS5.7AI score0.01039EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/02 12:0 a.m.1 views

QEMU Denial of Service Vulnerability (CNVD-2017-02735)

QEMU is a suite of analog processor software. A security vulnerability exists in QEMU that allows an attacker to submit a special request that can be exploited to crash an application...

6.5CVSS7.5AI score0.03036EPSS
Exploits0References1
CNVD
CNVD
added 2017/02/28 12:0 a.m.5 views

ytnef out-of-bounds read denial of service vulnerability (CNVD-2017-02558)

ytnef is an application library for extracting data from winmail.dat files. An out-of-bounds read vulnerability exists in ytnef. A remote attacker could exploit this vulnerability to construct a malicious file that could be parsed by the user, which could crash the application...

7.8CVSS7.6AI score0.01223EPSS
Exploits0References1
CNVD
CNVD
added 2017/02/28 12:0 a.m.30 views

ytnef Buffer Overflow Denial of Service Vulnerability

ytnef is an application library for extracting data from winmail.dat files. A buffer overflow vulnerability exists in ytnef. A remote attacker could exploit this vulnerability to construct a malicious file that could be parsed by the user, which could crash the application...

7.8CVSS8AI score0.01345EPSS
Exploits0References1
CNVD
CNVD
added 2017/01/13 12:0 a.m.3 views

Multiple Buffer Overflow Vulnerabilities in GnuTLS

GnuTLS is a free secure communications library for implementing SSL, TLS and DTLS protocols. A buffer overflow-based vulnerability exists in GnuTLS that could be exploited by a remote attacker to submit a specially crafted request to crash an application linking to this library...

7.5CVSS8.9AI score0.08009EPSS
Exploits0References1
CNVD
CNVD
added 2017/01/13 12:0 a.m.2 views

GnuTLS Stack Buffer Overflow Vulnerability

GnuTLS is a free secure communications library for implementing SSL, TLS and DTLS protocols. GnuTLS suffers from a stack buffer overflow vulnerability that could be exploited by a remote attacker to submit a specially crafted request to crash an application linking to this library...

9.8CVSS9.8AI score0.07071EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/13 12:0 a.m.3 views

Adobe Reader and Acrobat Memory Corruption Vulnerability (CNVD-2016-08969)

Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDFs. A memory corruption vulnerability exists in Adobe Reader and Acrobat, which allows remote attackers to exploit the vulnerabilit...

10CVSS7.1AI score0.05038EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/13 12:0 a.m.5 views

QEMU 'hw/usb/hcd-xhci.c' Denial of Service Vulnerability

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in QEMU 'hw/usb/hcd-xhci.c', which can be exploited by an attacker to crash the application and cause...

6CVSS8.7AI score0.00386EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/10 12:0 a.m.5 views

ImageMagick Denial of Service Vulnerability (CNVD-2016-08683)

ImageMagick is the United States ImageMagick Studio company's set of open source image processing software. A denial-of-service vulnerability exists in ImageMagick, which can be exploited by an attacker to cause a denial-of-service by crashing an affected application...

7.8CVSS9.1AI score0.04868EPSS
Exploits0References1
CNVD
CNVD
added 2016/08/30 12:0 a.m.1 views

PHP 'xp_socket.c' Denial of Service Vulnerability

PHP is an open source general-purpose computer scripting language. PHP 'xpsocket.c' has a denial of service vulnerability that allows attackers to exploit the vulnerability to crash an application and cause a denial of service...

6.5AI score
Exploits0References1
CNVD
CNVD
added 2016/08/17 12:0 a.m.2 views

Facebook HHVM Denial of Service Vulnerability

HHWM HipHop VM is a virtual machine launched by Facebook to execute PHP code. Facebook HHVM has a denial of service vulnerability. An attacker can exploit the vulnerability to crash the affected application, denying service to legitimate users...

7.1AI score
Exploits0References1
CNVD
CNVD
added 2016/06/17 12:0 a.m.2 views

Adobe Flash Player Memory Corruption Vulnerability (CNVD-2016-04102)

Adobe Flash Player is a multimedia player product. A memory corruption vulnerability exists in Adobe Flash Player, which can be exploited by remote attackers to construct malicious SWF content that can be parsed by the user, which can crash the application or execute arbitrary code...

9.8CVSS7.5AI score0.06266EPSS
Exploits0References1
CNVD
CNVD
added 2016/06/05 12:0 a.m.4 views

Google Chrome media heap buffer overflow vulnerability

Google Chrome is a popular web browser. Google Chrome media suffers from a heap buffer overflow vulnerability that allows remote attackers to exploit the vulnerability to build malicious web pages that can be tricked into parsing by users, which can crash the application or execute arbitrary code...

6.5CVSS9.7AI score0.01025EPSS
Exploits0References1
CNVD
CNVD
added 2016/05/22 12:0 a.m.4 views

Apple iOS/watchOS/tvOS and OS X El Capitan Disk Images Arbitrary Code Execution Vulnerability

Apple iOS is an operating system for Apple's cell phones.OS X El Capitan is a dedicated operating system for Mac computers.watchOS is a smartwatch operating system. A security vulnerability in Disk Images in Apple iOS, watchOS, and OS X El Capitan allows attackers to submit a special request to...

9.3CVSS7.1AI score0.01611EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/26 12:0 a.m.4 views

PHP 'php_snmp_error()' function formatted denial of service vulnerability

PHP is an open source general-purpose computer scripting language. The PHP 'phpsnmperror' function fails to properly handle string formatting, allowing remote attackers to exploit the vulnerability by submitting a special request to crash the application...

9.8CVSS9.2AI score0.19455EPSS
Exploits1References1
CNVD
CNVD
added 2016/04/16 12:0 a.m.4 views

Silicon Graphics LibTiff rgb2ycbcr tool divide by zero error vulnerability (CNVD-2016-02320)

Silicon Graphics LibTiff is a library for reading and writing TIFF files. A divide-by-zero error vulnerability in Silicon Graphics LibTiff's rgb2ycbcr tool allows remote attackers to construct a malicious image that can be tricked into parsing by the user, which can crash the application...

5.5CVSS9.2AI score0.00494EPSS
Exploits0References1
CNVD
CNVD
added 2016/03/24 12:0 a.m.5 views

Pixman Integer Overflow Vulnerability

Pixman is an underlying software library for pixel manipulation. An integer overflow vulnerability exists in Pixman, which can be exploited by a remote attacker to cause a denial of service application crash or execute arbitrary code with user privileges...

9.8CVSS8AI score0.05573EPSS
Exploits0References1
Rows per page
Query Builder