Lucene search
K

7041 matches found

UbuntuCve
UbuntuCve
added 2017/03/05 12:0 a.m.29 views

CVE-2017-6498

An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS...

5.5CVSS6.4AI score0.01321EPSS
Exploits0References3
OSV
OSV
added 2017/03/05 12:0 a.m.2 views

UBUNTU-CVE-2017-6498

An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS...

5.5CVSS6.4AI score0.01321EPSS
Exploits0References4
NVD
NVD
added 2017/03/01 3:59 p.m.7 views

CVE-2017-5981

seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...

5.5CVSS5.2AI score0.01616EPSS
Exploits1References3
OSV
OSV
added 2017/03/01 3:59 p.m.16 views

CVE-2017-5981

seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...

5.5CVSS6.5AI score
Exploits0References3
CVE
CVE
added 2017/03/01 3:0 p.m.111 views

CVE-2017-5981

CVE-2017-5981 affects zziplib 0.13.62; the seeko.c path allows remote attackers to cause a denial of service (assertion failure and crash) via a crafted ZIP file. Upstream fixes/multi-distribution advisories indicate upgrading to 0.13.66+ (e.g., 0.13.66-2 in Arch, other vendors’ advisories) to mi...

5.5CVSS5.2AI score0.01616EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2017/03/01 3:0 p.m.16 views

CVE-2017-5981

seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...

5.1AI score0.01616EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2017/03/01 3:0 p.m.24 views

CVE-2017-5981

seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...

5.5CVSS5.3AI score0.01616EPSS
Exploits1
Debian CVE
Debian CVE
added 2017/03/01 3:0 p.m.16 views

CVE-2017-5981

seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...

5.5CVSS4.6AI score0.01616EPSS
Exploits1
OSV
OSV
added 2017/03/01 12:0 a.m.0 views

UBUNTU-CVE-2017-5981

seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...

5.5CVSS6.2AI score0.01616EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2017/02/27 12:0 a.m.40 views

EulerOS 2.0 SP1 : bind (EulerOS-SA-2016-1052)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote...

7.8CVSS6.8AI score0.89482EPSS
Exploits7References3
OpenVAS
OpenVAS
added 2017/02/27 12:0 a.m.32 views

ISC BIND DNS64 and RPZ Denial of Service Vulnerability

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...

7.5CVSS6AI score0.17108EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2017/02/18 9:40 p.m.55 views

CVE-2017-5986

Race condition in the sctpwaitforsndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service assertion failure and panic via a multithreaded application that peels off an association in a certain buffer-full state...

7.1CVSS6.4AI score0.01162EPSS
Exploits0
OSV
OSV
added 2017/02/17 2:59 a.m.1 views

DEBIAN-CVE-2016-9814

The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service memory consumption by leveraging...

9.1CVSS8.9AI score0.02424EPSS
Exploits0References1
OSV
OSV
added 2017/02/17 2:59 a.m.3 views

UBUNTU-CVE-2016-9814

The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service memory consumption by leveraging...

9.1CVSS7.3AI score0.02424EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2017/02/15 1:21 p.m.20 views

CVE-2017-5981

seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...

5.5CVSS4.6AI score0.01616EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2017/02/15 1:12 p.m.5 views

bind: Assertion failure when using DNS64 and RPZ Can Lead to Crash

A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure or a null pointer dereference via a specially crafted DNS response...

7.5CVSS7.1AI score0.17108EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2017/02/15 12:0 a.m.16 views

Fedora 24 : viewvc (2017-2bce6ed778)

Version 1.1.26 released 24-Jan-2017 - security fix: escape navdata name to avoid XSS attack Version 1.1.25 released 15-Sep-2016 - fix rev2optrev assertion on long input Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...

5.4AI score
Exploits0References1
CNVD
CNVD
added 2017/02/10 12:0 a.m.2 views

ISC BIND 9 DNS64 and RPZ Assertion Failure Denial of Service Vulnerability

ISC BIND is the United States Internet Systems Consortium ISC company maintains a set of open source software that implements the DNS protocol. ISC BIND 9 suffers from a DNS64 and RPZ Assertion Failure Denial of Service vulnerability. An attacker can exploit the vulnerability by rewriting the que...

7.5CVSS6.8AI score0.17108EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2017/02/09 1:13 p.m.28 views

High Severity BIND Vulnerability Can Lead to A Crash

The Internet Systems Consortium patched the BIND domain name system this week, addressing a remotely exploitable vulnerability it considers high severity and said could lead to a crash. The issue affects servers that use both the DNS64 and RPZ function simultaneously. DNS64 is a mechanism for...

0.2AI score0.17108EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/02/09 12:0 a.m.16 views

Fedora 25 : viewvc (2017-bd3c3c957f)

Version 1.1.26 released 24-Jan-2017 - security fix: escape navdata name to avoid XSS attack Version 1.1.25 released 15-Sep-2016 - fix rev2optrev assertion on long input Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...

5.4AI score
Exploits0References1
Rows per page
Query Builder