CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

892 matches found

OSV•added 2018/06/11 9:29 p.m.•0 views

DEBIAN-CVE-2017-7778

A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...

9.8CVSS9.5AI score0.01434EPSS

Exploits0References1

NVD•added 2018/06/11 9:29 p.m.•12 views

CVE-2017-7778

9.8CVSS9.6AI score0.01434EPSS

Exploits0References20

OSV•added 2018/06/11 9:29 p.m.•13 views

CVE-2017-7778

9.8CVSS9.6AI score

Exploits0References20

NVD•added 2018/06/11 9:29 p.m.•16 views

CVE-2017-5436

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

8.8CVSS9AI score0.00556EPSS

Exploits0References12

OSV•added 2018/06/11 9:29 p.m.•0 views

DEBIAN-CVE-2017-5436

8.8CVSS9.1AI score0.00556EPSS

Exploits0References1

OSV•added 2018/06/11 9:29 p.m.•5 views

CVE-2017-5436

8.8CVSS8.2AI score

Exploits0References12

Prion•added 2018/06/11 9:29 p.m.•14 views

Cross site scripting

6.8CVSS8.8AI score0.00556EPSS

Exploits0References12Affected Software10

Debian CVE•added 2018/06/11 9:0 p.m.•32 views

CVE-2017-7778

9.8CVSS10AI score0.01434EPSS

Exploits0

CVE•added 2018/06/11 9:0 p.m.•149 views

CVE-2017-7778

CVE-2017-7778 relates to multiple vulnerabilities in Graphite2 (upstream 1.3.10). The issues include out-of-bounds reads, buffer overflow reads/writes, and use of uninitialized memory in Graphite2, and are addressed by upgrading to Graphite2 1.3.10. Publicly affected products in the CVE record in...

9.8CVSS8.6AI score0.01434EPSS

Exploits0References20Affected Software2

Cvelist•added 2018/06/11 9:0 p.m.•17 views

CVE-2017-5436

8.4AI score0.00556EPSS

Exploits0References12

Debian CVE•added 2018/06/11 9:0 p.m.•40 views

CVE-2017-5436

8.8CVSS10AI score0.00556EPSS

Exploits0

CVE•added 2018/06/11 9:0 p.m.•217 views

CVE-2017-5436

CVE-2017-5436 is an out-of-bounds write in the Graphite 2 library triggered by a malicious Graphite font, causing a potentially exploitable crash. The issue was fixed in Graphite 2 and in Mozilla products; affected Mozilla components include Thunderbird < 52.1, Firefox ESR < 45.9 and < 5...

8.8CVSS8.2AI score0.00556EPSS

Exploits0References12Affected Software1

Cvelist•added 2018/06/11 9:0 p.m.•22 views

CVE-2017-7778

8.8AI score0.01434EPSS

Exploits0References20

OSV•added 2018/03/09 7:29 p.m.•1 views

DEBIAN-CVE-2018-7999

In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file...

8.8CVSS8.6AI score0.00205EPSS

Exploits1References1

Tenable Nessus•added 2017/10/16 12:0 a.m.•35 views

GLSA-201710-13 : Graphite: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201710-13 Graphite: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Graphite. Please review the referenced CVE identifiers for details. Impact : A remote attacker could possibly execute arbitrary code wit...

9.8CVSS8.2AI score0.01434EPSS

Exploits6References8

Gentoo Linux•added 2017/10/13 12:0 a.m.•43 views

Graphite: Multiple vulnerabilities

Background Graphite is a “smart font” system developed specifically to handle the complexities of lesser-known languages of the world. Description Multiple vulnerabilities have been discovered in Graphite. Please review the referenced CVE identifiers for details. Impact A remote attacker could...

9.8CVSS10AI score0.01434EPSS

Exploits6

OSV•added 2017/07/25 10:7 p.m.•8 views

MGASA-2017-0217 Updated graphite2 packages fix security vulnerabilities

An out-of-bounds write triggered with a maliciously crafted Graphite font could lead to a crash or potentially code execution CVE-2017-5436. Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if...

9.8CVSS9.1AI score0.01434EPSS

Exploits6References4

RedHat Linux•added 2017/07/20 11:16 p.m.•3 views

graphite2: heap-buffer-overflow write "lz4::decompress" (src/Decompressor)

A heap-based buffer overflow flaw related to "lz4::decompress" src/Decompressor has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code...

9.8CVSS7.7AI score0.01434EPSS

Exploits1References6

RedHat Linux•added 2017/07/20 11:16 p.m.•4 views

graphite2: out of bounds read "graphite2::Silf::readGraphite"

An out of bounds read flaw related to "graphite2::Silf::readGraphite" has been reported in graphite2. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash...

9.8CVSS7.2AI score0.01434EPSS

Exploits1References6

RedHat Linux•added 2017/07/20 11:16 p.m.•1 views

graphite2: use of uninitialized memory "graphite2::GlyphCache::Loader::read_glyph"

The use of uninitialized memory related to "graphite2::GlyphCache::Loader::readglyph" has been reported in graphite2. An attacker could possibly exploit this flaw to negatively impact the execution of an application using graphite2 in unknown ways...

9.8CVSS7.4AI score0.01434EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by