Lucene search

17 matches found

Veracode
added 2023/03/31 4:30 a.m. | 39 views

Denial Of Services (DoS)

graphql-java is vulnerable to Denial Of Services (DoS). An attacker can send a maliciously crafted GraphQL query that causes excessive stack consumption, which can lead to an application crash...

7.5 CVSS | 7.2 AI score | 0.01051 EPSS
Exploits: 0 | References: 10 | Affected Software: 1

OSV
added 2020/04/03 7:1 a.m. | 11 views

SUSE-SU-2020:0860-1 Security update for exiv2

This update for exiv2 fixes the following issues: - CVE-2018-17581: Fixed an excessive stack consumption in CiffDirectory::readDirectory which might have led to denial of service (bsc#1110282). - CVE-2019-13110: Fixed an integer overflow and an out of bounds read in CiffDirectory::readDirectory which...

7.8 CVSS | 6.3 AI score | 0.04296 EPSS
Exploits: 4 | References: 13

OpenVAS
added 2020/01/23 12:0 a.m. | 33 views

Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2576)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7 AI score | 0.03098 EPSS
Exploits: 14 | References: 2

Tenable Nessus
added 2020/01/02 12:0 a.m. | 44 views

EulerOS 2.0 SP8 : exiv2 (EulerOS-SA-2020-1003)

According to the versions of the exiv2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service excessive memory...

6.5 CVSS | 6.5 AI score | 0.0235 EPSS
Exploits: 2 | References: 3

Tenable Nessus
added 2019/12/31 12:0 a.m. | 106 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : exiv2 Multiple Vulnerabilities (NS-SA-2019-0229)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has exiv2 packages installed that are affected by multiple vulnerabilities: - In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the == 0x1c case...

8.8 CVSS | 6.8 AI score | 0.02891 EPSS
Exploits: 21 | References: 24

UbuntuCve
added 2018/12/06 12:29 a.m. | 32 views

CVE-2018-19881

In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl...

5.5 CVSS | 6.1 AI score | 0.01571 EPSS
Exploits: 1 | References: 3

Debian CVE
added 2018/12/06 12:0 a.m. | 27 views

CVE-2018-19881

In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl...

5.5 CVSS | 5.3 AI score | 0.01571 EPSS
Exploits: 1

Prion
added 2018/09/28 9:29 a.m. | 20 views

Design/Logic Flaw

CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...

4.3 CVSS | 6.8 AI score | 0.0235 EPSS
Exploits: 1 | References: 6 | Affected Software: 6

PyPA
added 2018/09/28 9:29 a.m. | 6 views

PYSEC-2018-139

CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...

6.5 CVSS | 6.9 AI score | 0.0235 EPSS
Exploits: 1 | References: 12 | Affected Software: 1

IBM Security Bulletins
added 2018/09/14 6:45 p.m. | 38 views

Security Bulletin: Aspera OnDemand is affected by an openSSL vulnerability (CVE-2018-0739)

Summary Aspera OnDemand has addressed the following openSSL vulnerability. Vulnerability Details CVEID: CVE-2018-0739 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By sending specially crafted ASN.1 data with a recursive definition, a remote attacker could exploit this vulnerability ...

6.5 CVSS | 1.5 AI score | 0.19295 EPSS
Exploits: 0 | Affected Software: 1

Cvelist
added 2018/09/12 2:0 p.m. | 30 views

CVE-2017-1082

In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the qsort algorithm has a deterministic recursion pattern. Feeding a pathological input to the algorithm can lead to excessive stack usage and potential overflow. Applications that use qsort to handle large data set may crash if th...

7.5 AI score | 0.01162 EPSS
Exploits: 1 | References: 1

Prion
added 2018/08/21 11:29 p.m. | 15 views

Denial of service

An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5P__get_cb() in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service...

4.3 CVSS | 6.3 AI score | 0.01064 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

UbuntuCve
added 2018/08/21 11:29 p.m. | 23 views

CVE-2018-15671

An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5P__get_cb() in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service...

6.5 CVSS | 6.5 AI score | 0.01064 EPSS
Exploits: 1 | References: 2

Cvelist
added 2018/08/21 11:0 p.m. | 24 views

CVE-2018-15671

An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5P__get_cb() in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service...

6.3 AI score | 0.01064 EPSS
Exploits: 1 | References: 1

OpenVAS
added 2017/11/26 12:0 a.m. | 21 views

openSUSE: Security Advisory for tboot (openSUSE-SU-2017:3100-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8 CVSS | 6.4 AI score | 0.00417 EPSS
Exploits: 0 | References: 2

OSV
added 2017/06/19 4:29 p.m. | 28 views

CVE-2017-9763

The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a denial of service (excessive stack use and application crash) via a crafted binary file, related to use of a variable-size stack array...

7.5 CVSS | 6.6 AI score
Exploits: 0 | References: 4

Tenable Nessus
added 2012/02/23 12:0 a.m. | 29 views

IBM solidDB 6.5 < 6.5.0.8 Multiple Denial of Service Vulnerabilities

The remote database system is affected by multiple denial of service vulnerabilities : - Sending packets with many integer fields can trigger several recursive calls of a certain function causing an excessive amount of stack memory consumption. CVE-2010-4055, IC80074 - Upon receiving a packet...

5 CVSS | 5.4 AI score | 0.0843 EPSS
Exploits: 3 | References: 4