Lucene search
K

7041 matches found

CVE
CVE
added 2017/03/23 6:0 p.m.94 views

CVE-2016-9393

CVE-2016-9393 : The jpc_pi_nextrpcl function in jpc_t2cod.c within JasPer before 1.900.17 can cause a denial of service (assertion failure) when processing a crafted file. This is the only vulnerability described in the initial entry; the connected documents corroborate JasPer-related CVEs but do...

5.5CVSS5.8AI score0.01932EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2017/03/23 6:0 p.m.18 views

CVE-2016-9393

The jpcpinextrpcl function in jpct2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via a crafted file...

6AI score0.01932EPSS
Exploits0References7
CVE
CVE
added 2017/03/23 6:0 p.m.81 views

CVE-2016-9391

JasPer (CVE-2016-9391): The jpc_bitstream_getbits function in jpc_bs.c of JasPer before 2.0.10 allows remote attackers to cause a denial of service (assertion failure) via a very large integer. This is the asserted under the CVE-2016-9391 entry and is corroborated by connected Nessus/NVD referenc...

7.5CVSS7.1AI score0.04277EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2017/03/23 6:0 p.m.19 views

CVE-2016-9387

Integer overflow in the jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure...

7.8AI score0.0191EPSS
Exploits0References7
CVE
CVE
added 2017/03/23 6:0 p.m.100 views

CVE-2016-9394

CVE-2016-9394 affects JasPer JPEG-2000 library. The jas_seq2d_create function in jas_seq.c is vulnerable to assertion-failure denial of service when processing crafted image files, for JasPer versions before 1.900.17. The connected documents corroborate that historical JasPer vulnerabilities incl...

5.5CVSS5.8AI score0.01975EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2017/03/23 6:0 p.m.21 views

CVE-2016-9396

The JPCNOMINALGAIN function in jpc/jpct1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service JPCCOXRFT assertion failure via unspecified vectors...

7.3AI score0.05686EPSS
Exploits0References11
Cvelist
Cvelist
added 2017/03/23 6:0 p.m.23 views

CVE-2016-9389

The jpcirct and jpciict functions in jpcmct.c in JasPer before 1.900.14 allow remote attackers to cause a denial of service assertion failure...

7.3AI score0.04414EPSS
Exploits0References8
CVE
CVE
added 2017/03/23 6:0 p.m.148 views

CVE-2016-9398

CVE-2016-9398 affects JasPer: the jpc_floorlog2 function in jpc_math.c is vulnerable in versions before 1.900.17, allowing remote attackers to trigger a denial of service (assertion failure) via unspecified vectors. Connected documents confirm the affected component and impact; no remediation det...

7.5CVSS7AI score0.05981EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2017/03/23 6:0 p.m.21 views

CVE-2016-9388

The rasgetcmap function in rasdec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service assertion failure via a crafted image file...

6AI score0.01951EPSS
Exploits0References7
CVE
CVE
added 2017/03/23 6:0 p.m.97 views

CVE-2016-9392

CVE-2016-9392 affects the JasPer JPEG 2000 library. The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows a crafted file to trigger an assertion failure, causing a denial of service. Affected are JasPer versions earlier than 1.900.17; remediation is to upgrade to 1.900.17 or ne...

5.5CVSS5.8AI score0.01949EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2017/03/23 6:0 p.m.21 views

CVE-2016-9391

The jpcbitstreamgetbits function in jpcbs.c in JasPer before 2.0.10 allows remote attackers to cause a denial of service assertion failure via a very large integer...

7.2AI score0.04277EPSS
Exploits0References7
CVE
CVE
added 2017/03/23 6:0 p.m.88 views

CVE-2016-9389

CVE-2016-9389 affects JasPer library; the flaw is in the jpc_irct and jpc_iict functions of jpc_mct.c, allowing remote denial of service via assertion failure when using JasPer versions before 1.900.14. The issue is concrete and tied to the library version and specific functions. A fix is to upgr...

7.5CVSS7.2AI score0.04414EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2017/03/23 6:0 p.m.89 views

CVE-2016-9390

CVE-2016-9390 – JasPer JPEG 2000 library : The vulnerability is in jas_seq2d_create in JasPer before 1.900.14, where a crafted image file can trigger an assertion failure and cause a denial of service. Affected component is the JasPer library’s JPEG 2000 handling; root cause is an assertion failu...

5.5CVSS5.8AI score0.01975EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2017/03/23 6:0 p.m.156 views

CVE-2016-9399

CVE-2016-9399 affects JasPer, with the description noting a vulnerability in the calcstepsizes function of jpc_dec.c in JasPer 1.900.22 that allows remote denial of service via assertion failure. Connected documents (Red Hat advisories and OpenVAS entries) list CVE-2016-9399 among Jasper-related ...

7.5CVSS7AI score0.03757EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2017/03/23 6:59 a.m.4 views

CVE-2016-5749

NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML requests with external entity resolution enabled, which could lead to local file disclosure via an XML External Entity XXE attack...

5.5CVSS5.8AI score0.00393EPSS
Exploits0References1
Prion
Prion
added 2017/03/23 6:59 a.m.10 views

Design/Logic Flaw

The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original requester...

5CVSS7AI score0.0109EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/03/23 6:59 a.m.4 views

CVE-2016-5752

The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original requester...

7.5CVSS5.8AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/03/23 12:0 a.m.25 views

CVE-2016-9394

The jasseq2dcreate function in jasseq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via a crafted file...

5.5CVSS6.8AI score0.01975EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2017/03/23 12:0 a.m.18 views

CVE-2016-9391

The jpcbitstreamgetbits function in jpcbs.c in JasPer before 2.0.10 allows remote attackers to cause a denial of service assertion failure via a very large integer...

7.5CVSS7.2AI score0.04277EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2017/03/23 12:0 a.m.34 views

CVE-2016-9387

Integer overflow in the jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure...

7.8CVSS7.2AI score0.0191EPSS
Exploits0References4
Rows per page
Query Builder