
2521 matches found

RedHat Linux
added 2017/05/10 12:43 p.m. · 6 views

zlib: Out-of-bound pointer arithmetic in inftrees.c

A vulnerability was discovered in the inftrees.c file of zlib. Pointer arithmetic operations violate the C standard by subtracting an offset from an array pointer before its allocated memory, leading to undefined behavior...

8.8 CVSS · 7.2 AI score · 0.04793 EPSS
Exploits: 0 · References: 6

NVD
added 2017/04/29 8:59 p.m. · 10 views

CVE-2017-8326

libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c a...

8.8 CVSS · 9 AI score · 0.02426 EPSS
Exploits: 0 · References: 3

Prion
added 2017/04/29 8:59 p.m. · 13 views

Code injection

libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c a...

6.8 CVSS · 8.9 AI score · 0.02426 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2017/04/29 8:0 p.m. · 19 views

CVE-2017-8326

libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c a...

9.1 AI score · 0.02426 EPSS
Exploits: 0 · References: 3

ArchLinux
added 2017/04/28 12:0 a.m. · 33 views

[ASA-201704-10] libtiff: multiple issues

Arch Linux Security Advisory ASA-201704-10 ========================================== Severity: Medium Date : 2017-04-28 CVE-ID : CVE-2017-7592 CVE-2017-7593 CVE-2017-7594 CVE-2017-7595 CVE-2017-7596 CVE-2017-7597 CVE-2017-7598 CVE-2017-7599 CVE-2017-7600 CVE-2017-7601 CVE-2017-7602 Package :...

7.8 CVSS · 0.4 AI score · 0.02572 EPSS
Exploits: 7 · References: 29

Tenable Nessus
added 2017/04/24 12:0 a.m. · 47 views

Debian DLA-909-1 : libcroco security update

CVE-2017-7960 A heap-based buffer over-read vulnerability could be triggered remotely via a crafted CSS file to cause a denial of service. CVE-2017-7961 An 'outside the range of representable values of type long' undefined behavior issue was found in libcroco, which might allow remote attackers t...

7.8 CVSS · 6.7 AI score · 0.02001 EPSS
Exploits: 2 · References: 4

Debian
added 2017/04/23 11:46 a.m. · 23 views

[SECURITY] [DLA 909-1] libcroco security update

Package : libcroco Version : 0.6.6-2+deb7u1 CVE ID : CVE-2017-7960 CVE-2017-7961 Debian Bug : 860961 CVE-2017-7960 A heap-based buffer over-read vulnerability could be triggered remotely via a crafted CSS file to cause a denial of service. CVE-2017-7961 An "outside the range of representable valu...

7.8 CVSS · 7.3 AI score · 0.02001 EPSS
Exploits: 2

OSV
added 2017/04/19 3:59 p.m. · 7 views

CVE-2017-7961

The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a...

7.8 CVSS · 8 AI score
Exploits: 0 · References: 6

OSV
added 2017/04/19 3:59 p.m. · 2 views

ALPINE-CVE-2017-7961

The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a...

7.8 CVSS · 7.4 AI score · 0.01966 EPSS
Exploits: 1 · References: 1

Cvelist
added 2017/04/19 3:0 p.m. · 25 views

CVE-2017-7961

The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a...

7.2 AI score · 0.01966 EPSS
Exploits: 1 · References: 6

Vulnrichment
added 2017/04/19 3:0 p.m. · 20 views

CVE-2017-7961

The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a...

7.6 AI score · 0.01966 EPSS
Exploits: 1 · References: 6

CVE
added 2017/04/19 3:0 p.m. · 187 views

CVE-2017-7961

The CVE-2017-7961 issue affects libcroco up to version 0.6.12 (cr_tknzr_parse_rgb in cr-tknzr.c). The function may exhibit undefined behavior by converting a double RGB component to a long, potentially enabling denial of service (application crash) or other impact via a crafted CSS file. This is ...

7.8 CVSS · 7.8 AI score · 0.01966 EPSS
Exploits: 1 · References: 6 · Affected Software: 1

AlpineLinux
added 2017/04/19 3:0 p.m. · 417 views

CVE-2017-7961

The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a...

7.8 CVSS · 8 AI score · 0.01966 EPSS
Exploits: 1

Positive Technologies
added 2017/04/19 12:0 a.m. · 4 views

PT-2017-18028 · Gnome +2 · Libcroco +2

Name of the Vulnerable Software and Affected Versions: libcroco versions 0.6.11 through 0.6.12 Description: The issue is related to an "outside the range of representable values of type long" undefined behavior in the cr_tknzr_parse_rgb function, which could potentially allow remote attackers to...

7.8 CVSS · 7.9 AI score · 0.12996 EPSS
Exploits: 7 · References: 42

Veracode
added 2017/04/18 2:26 a.m. · 10 views

Undefined Behaviour Or Denial Of Service (DoS)

zziplib is vulnerable to undefined behavior or denial of service (DoS) attacks. The vulnerability exists because there is a flaw that causes the loading of a misaligned address in memdisk.c...

6.4 AI score
Exploits: 0

RedhatCVE
added 2017/04/11 2:20 p.m. · 27 views

CVE-2017-7601

LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image...

7.8 CVSS · 6.2 AI score · 0.02452 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2017/04/11 1:49 p.m. · 24 views

CVE-2017-7597

tifdirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image...

7.8 CVSS · 6.3 AI score · 0.01768 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2017/04/11 1:48 p.m. · 24 views

CVE-2017-7596

LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image...

7.8 CVSS · 6.3 AI score · 0.01941 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2017/04/11 1:48 p.m. · 30 views

CVE-2017-7592

The putagreytile function in tifgetimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image...

7.8 CVSS · 6.8 AI score · 0.01951 EPSS
Exploits: 0 · References: 1

Prion
added 2017/04/10 3:59 p.m. · 14 views

Integer overflow

The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang...

7.5 CVSS · 7.5 AI score · 0.01232 EPSS
Exploits: 0 · References: 1 · Affected Software: 1