Lucene search
K

3714 matches found

Debian CVE
Debian CVE
added 2017/11/21 8:0 a.m.28 views

CVE-2017-16840

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service out-of-bounds read because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2encdwt.c...

9.8CVSS7.3AI score0.03332EPSS
Exploits0
CVE
CVE
added 2017/11/21 8:0 a.m.91 views

CVE-2017-16840

CVE-2017-16840 affects FFmpeg 3.0 and 3.4, where the VC-2 video encoder (libavcodec/vc2enc.c and vc2enc_dwt.c) allows a remote attacker to trigger a denial of service via an out-of-bounds read caused by incorrect buffer padding for non-Haar wavelets. The issue has been fixed in FFmpeg 3.4.x relea...

9.8CVSS9AI score0.03332EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2017/11/21 12:0 a.m.4 views

FFmpeg Denial of Service Vulnerability (CNVD-2017-37755)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team.VC-2 Video Compression encoder is one of the video compression encoders. A security vulnerability exists in the VC-2 Video Compression encoder in FFmpeg version 3.4. A remote attacker can...

9.8CVSS6.8AI score0.03332EPSS
Exploits0References1
Fedora
Fedora
added 2017/11/20 1:4 a.m.29 views

[SECURITY] Fedora 27 Update: jbig2dec-0.14-1.fc27

jbig2dec is a decoder implementation of the JBIG2 image compression format. JBIG2 is designed for lossy or lossless encoding of 'bilevel' 1-bit monochrome images at moderately high resolution, and in particular scanned paper documents. In this domain it is very efficient, offering compression...

6.5CVSS1.1AI score0.03452EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2017/11/06 12:0 a.m.221 views

SSH Compression Error Checking

The remote host supports algorithms that can use compression. But when ssh attempts to use compression for that communication, the connections do not succeed. TRUSTED...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/11/02 12:0 a.m.37 views

Debian DSA-4013-1 : openjpeg2 - security update

Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...

8.8CVSS7.3AI score0.08253EPSS
Exploits2References13
Fedora
Fedora
added 2017/11/01 4:44 p.m.31 views

[SECURITY] Fedora 25 Update: openvpn-2.4.4-1.fc25

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

9.8CVSS1.5AI score0.03629EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/11/01 1:29 a.m.26 views

CVE-2017-15535

MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory...

9.1CVSS7.2AI score0.01567EPSS
Exploits0References2
NVD
NVD
added 2017/11/01 1:29 a.m.17 views

CVE-2017-15535

MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory...

9.1CVSS9.2AI score0.01567EPSS
Exploits0References2
Prion
Prion
added 2017/11/01 1:29 a.m.16 views

Design/Logic Flaw

MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory...

6.4CVSS9AI score0.01567EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/11/01 1:29 a.m.4 views

UBUNTU-CVE-2017-15535

MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory...

9.1CVSS7.2AI score0.01567EPSS
Exploits0References3
CVE
CVE
added 2017/11/01 1:0 a.m.106 views

CVE-2017-15535

CVE-2017-15535 affects MongoDB 3.4.x before 3.4.10 and 3.5.x-development in the wire protocol compression feature (networkMessageCompressors), which is disabled by default but if enabled can allow a remote attacker to cause a denial of service or modify memory. Public advisories and updates exist...

9.1CVSS8.9AI score0.01567EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2017/11/01 1:0 a.m.31 views

CVE-2017-15535

Removed by vendor...

9.1CVSS9.2AI score0.01567EPSS
Exploits0
Cvelist
Cvelist
added 2017/11/01 1:0 a.m.30 views

CVE-2017-15535

MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory...

9.1AI score0.01567EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/10/30 12:0 a.m.37 views

Debian: Security Advisory (DSA-4013-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.4AI score0.05652EPSS
Exploits1References3
seebug.org
seebug.org
added 2017/10/26 12:0 a.m.67 views

7zip HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability(CVE-2016-2334)

DESCRIPTION An exploitable heap overflow vulnerability exists in the NArchive::NHfs::CHandler::ExtractZlibFile method functionality of 7zip that can lead to arbitrary code execution. TESTED VERSIONS 7-Zip 32 15.05 beta 7-Zip 64 9.20 PRODUCT URLS http://www.7-zip.org/ CVSSv3 SCORE 7.3 -...

9.3CVSS8.3AI score0.14742EPSS
Exploits3
Fedora
Fedora
added 2017/10/18 8:51 p.m.35 views

[SECURITY] Fedora 25 Update: upx-3.94-1.fc25

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

7.8CVSS4.8AI score0.00958EPSS
Exploits0
seebug.org
seebug.org
added 2017/10/17 12:0 a.m.66 views

Apple Image I/O EXR Compression Remote Code Execution Vulnerability(CVE-2016-4630)

SUMMARY An exploitable heap based buffer overflow exists in the handling of EXR images on OS X. A crafted EXR document can lead to a heap based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved EXR file delivered by other means when opened in any...

6.8CVSS9.7AI score0.03576EPSS
Exploits2
Fedora
Fedora
added 2017/10/14 9:35 p.m.36 views

[SECURITY] Fedora 27 Update: upx-3.94-1.fc27

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

7.8CVSS4.8AI score0.00958EPSS
Exploits0
Patchstack
Patchstack
added 2017/10/09 12:0 a.m.10 views

WordPress Smush Image Compression and Optimization plugin <=2.7.5 - File Traversal vulnerability

File Traversal vulnerability found by Ricardo Sánchez in WordPress Smush Image Compression and Optimization plugin versions =2.7.5. Solution Update the WordPress Smush Image Compression and Optimization plugin to the latest available version at least 2.7.6...

2.6AI score
Exploits0References1Affected Software1
Rows per page
Query Builder