Lucene search
+L

2451 matches found

Prion
Prion
added 2017/07/12 5:29 p.m.21 views

Heap overflow

An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file ca...

6.8CVSS9AI score0.02716EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2017/07/12 5:29 p.m.25 views

CVE-2017-2818

An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger th...

8.8CVSS8.2AI score0.01977EPSS
Exploits1References2
Prion
Prion
added 2017/07/12 5:29 p.m.23 views

Heap overflow

An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger th...

6.8CVSS8.6AI score0.01977EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2017/07/12 5:29 p.m.34 views

CVE-2017-2814

An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file ca...

8.8CVSS8.5AI score0.02716EPSS
Exploits1References2
OSV
OSV
added 2017/07/12 5:29 p.m.7 views

DEBIAN-CVE-2017-2818

An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger th...

8.8CVSS7.3AI score0.01977EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/07/12 5:0 p.m.36 views

CVE-2017-2818

An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger th...

7.5CVSS8.7AI score0.01977EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2017/07/12 12:49 p.m.31 views

CVE-2017-2818

An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger th...

8.8CVSS8.5AI score0.01977EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2017/07/11 7:0 a.m.29 views

Windows Explorer Denial of Service Vulnerability

An Denial Of Service vulnerability exists when Windows Explorer attempts to open a non-existent file. An attacker who successfully exploited this vulnerability could cause a denial of service. A attacker could exploit this vulnerability by hosting a specially crafted web site and convince a user ...

6.5CVSS3AI score0.05945EPSS
Exploits0
OSV
OSV
added 2017/06/26 9:29 p.m.5 views

CVE-2017-6325

The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an...

6.6CVSS6.4AI score0.02503EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2017/05/24 11:10 a.m.14 views

Malware Network Communication Provides Better Early Warning Signal

Research is expected to be unveiled today that challenges the industry’s current reliance on dynamic malware analysis as the best means of early detection of infections. Instead, researchers from the Georgia Institute of Technology, the IMDEA Software Institute and EURECOM posit that a better...

7.2AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/05/12 7:29 a.m.26 views

CVE-2017-8911

An integer underflow has been identified in the unicodetoutf8 function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker...

9.8CVSS7AI score0.01934EPSS
Exploits0References1
OSV
OSV
added 2017/05/12 7:29 a.m.4 views

UBUNTU-CVE-2017-8911

An integer underflow has been identified in the unicodetoutf8 function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker...

9.8CVSS7.2AI score0.01934EPSS
Exploits0References2
NVD
NVD
added 2017/03/28 2:59 a.m.20 views

CVE-2016-9467

Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and use this to displa...

5.3CVSS5.1AI score0.02972EPSS
Exploits1References11
UbuntuCve
UbuntuCve
added 2017/02/24 4:59 a.m.20 views

CVE-2017-6307

An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker...

7.8CVSS7.1AI score0.01411EPSS
Exploits0References4
Prion
Prion
added 2017/02/24 4:59 a.m.17 views

Type confusion

An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the fileaddmapiattrs function. These might lead to invalid read and write operations, controlled by an attacker...

6.8CVSS7.6AI score0.01411EPSS
Exploits0References6Affected Software2
OSV
OSV
added 2017/02/24 4:59 a.m.3 views

UBUNTU-CVE-2017-6307

An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker...

7.8CVSS7.1AI score0.01411EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2017/02/24 4:23 a.m.34 views

CVE-2017-6310

An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the fileaddmapiattrs function. These might lead to invalid read and write operations, controlled by an attacker...

7.8CVSS7.8AI score0.01411EPSS
Exploits0
Cvelist
Cvelist
added 2017/02/24 4:23 a.m.24 views

CVE-2017-6307

An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker...

7.6AI score0.01411EPSS
Exploits0References6
Cvelist
Cvelist
added 2017/02/24 4:23 a.m.31 views

CVE-2017-6309

An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parsefile function. These might lead to invalid read and write operations, controlled by an attacker...

7.6AI score0.01411EPSS
Exploits0References6
seebug.org
seebug.org
added 2017/02/23 12:0 a.m.56 views

Android Arbitrary class loading and instantiation in protobuf parcelable "javanano" compiler

The protobuf library includes the "javanano" compiler, commonly used in many Android applications due to its tiny resource footprint. The "javanano" compiler supports a variety of Android-specific compilation flags which can be used to modify the generated message classes. One such compilation fl...

7AI score
Exploits0
Rows per page
Query Builder