Lucene search
K

15 matches found

OSV
OSV
added 2017/12/21 3:29 a.m.3 views

DEBIAN-CVE-2017-17811

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in pastetokens in asm/preproc.c, a similar issue to CVE-2017-11111...

5.5CVSS9.3AI score0.01244EPSS
Exploits1References1
OSV
OSV
added 2017/12/14 4:29 p.m.3 views

DEBIAN-CVE-2017-17532

examples/framework/news/news3.py in Kiwi 1.9.22 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS8.4AI score0.01635EPSS
Exploits0References1
OSV
OSV
added 2017/12/14 4:29 p.m.1 views

DEBIAN-CVE-2017-17528

backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS8AI score0.01643EPSS
Exploits0References1
OSV
OSV
added 2017/11/28 8:29 p.m.2 views

DEBIAN-CVE-2017-17042

lib/yard/coreext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files...

7.5CVSS6.9AI score0.02894EPSS
Exploits0References1
OSV
OSV
added 2017/11/22 8:29 a.m.3 views

DEBIAN-CVE-2017-16926

Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker providing a source tree for Ohcount processing to execute arbitrary code as the user running Ohcount...

9.8CVSS8.4AI score0.05582EPSS
Exploits1References1
OSV
OSV
added 2017/09/14 6:29 a.m.6 views

DEBIAN-CVE-2017-12901

The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrpprint...

9.8CVSS7.5AI score0.02389EPSS
Exploits0References1
OSV
OSV
added 2017/09/01 1:29 p.m.2 views

DEBIAN-CVE-2017-12868

The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypass authentication by leveraging missing character conversions before an XOR operation...

9.8CVSS9.8AI score0.02133EPSS
Exploits0References1
OSV
OSV
added 2017/08/07 9:29 p.m.3 views

DEBIAN-CVE-2017-12669

ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c...

8.8CVSS6.8AI score0.01457EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/08/07 12:0 a.m.27 views

CVE-2017-12670

In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service...

6.5CVSS6.8AI score0.01479EPSS
Exploits0References2
OSV
OSV
added 2017/07/20 11:29 p.m.3 views

DEBIAN-CVE-2017-11503

PHPMailer 5.2.23 has XSS in the "From Email Address" and "To Email Address" fields of codegenerator.php...

6.1CVSS6.2AI score0.024EPSS
Exploits1References1
OSV
OSV
added 2017/07/17 5:29 p.m.2 views

DEBIAN-CVE-2017-10978

An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in makesecret" and a denial of service...

7.5CVSS8.6AI score0.03773EPSS
Exploits0References1
OSV
OSV
added 2017/05/19 8:29 p.m.2 views

DEBIAN-CVE-2017-7475

Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FTLoadGlyph and FTRenderGlyph resulting in an application crash...

5.5CVSS6.9AI score0.01839EPSS
Exploits0References1
OSV
OSV
added 2017/03/24 3:59 p.m.3 views

DEBIAN-CVE-2017-5506

Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file...

7.8CVSS6.1AI score0.02071EPSS
Exploits0References1
OSV
OSV
added 2017/03/15 2:59 p.m.3 views

DEBIAN-CVE-2017-6435

The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory corruption via a crafted plist file...

5CVSS6.3AI score0.00527EPSS
Exploits1References1
OSV
OSV
added 2017/02/20 8:59 a.m.4 views

DEBIAN-CVE-2017-2371

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WebKit" component, which allows remote attackers to launch popups via a crafted web site...

6.5CVSS7.8AI score0.05719EPSS
Exploits2References1
Rows per page
Query Builder