
470 matches found

OSV
added 2018/03/30 8:29 a.m. | 17 views

CVE-2018-9132

libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file...

6.5 CVSS | 8.4 AI score
Exploits 0 | References 5

UbuntuCve
added 2018/03/30 8:29 a.m. | 21 views

CVE-2018-9132

libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file...

6.5 CVSS | 6.9 AI score | 0.00469 EPSS
Exploits 1 | References 2

Debian CVE
added 2018/03/27 3:0 a.m. | 40 views

CVE-2017-18250

An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file...

6.5 CVSS | 6.2 AI score | 0.00381 EPSS
Exploits 0

CNVD
added 2018/01/05 12:0 a.m. | 1 views

Logic Vulnerability in Inventron VT Designer

INVISION is a key high-tech enterprise under the National Torch Plan. Relying on power electronics, automatic control and information technology, INVISION's business covers industrial automation, new energy vehicles, network energy and rail transportation. A logic vulnerability exists in INVITRO ...

6.6 AI score
Exploits 0 | References 1

Cvelist
added 2017/12/04 8:0 a.m. | 18 views

CVE-2017-17129

The ffvc1mc4mvchroma4 function in libavcodec/vc1mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file...

9 AI score | 0.00374 EPSS
Exploits 1 | References 1

CNVD
added 2017/11/10 12:0 a.m. | 1 views

MSA vot.Ar 'parse' function unauthorized operation vulnerability

MSA vot.Ar is a suite of voting election applications. A security vulnerability exists in the 'parse' function in MSA vot.Ar version 3.1. An attacker in close physical proximity could exploit this vulnerability to cast multiple votes for a candidate with the help of a specially designed RFID voti...

4.6 CVSS | 6.6 AI score | 0.00073 EPSS
Exploits 0 | References 1

OSV
added 2017/09/13 12:0 a.m. | 0 views

UBUNTU-CVE-2017-13028

The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootpprint...

9.8 CVSS | 7 AI score | 0.0206 EPSS
Exploits 0 | References 4

UbuntuCve
added 2017/08/29 6:29 a.m. | 26 views

CVE-2017-13745

There is a reachable assertion abort in the function jpcdecprocesssot in jpc/jpcdec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpcppmstabtostreams return value, a different vulnerability than CVE-2018-9154...

7.5 CVSS | 6.8 AI score | 0.00499 EPSS
Exploits 0 | References 1

OSV
added 2017/08/22 6:29 a.m. | 4 views

CVE-2017-13066

GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c...

6.5 CVSS | 9.3 AI score
Exploits 0 | References 2

OSV
added 2017/07/23 3:29 a.m. | 0 views

UBUNTU-CVE-2017-11554

There is a stack consumption vulnerability in the lex function in parser.hpp as used in sassc in LibSass 3.4.5. A crafted input will lead to a remote denial of service...

7.5 CVSS | 7.1 AI score | 0.00559 EPSS
Exploits 1 | References 4

CNVD
added 2017/05/31 12:0 a.m. | 1 views

XSS Vulnerability in Baoding OA Email Function

Baoding OA system is an office system for enterprises. An XSS vulnerability exists in the email function of Baoding OA. An attacker can exploit this vulnerability to gain administrator privileges, steal data, etc...

6.6 AI score
Exploits 0

Tenable Nessus
added 2017/05/24 12:0 a.m. | 36 views

openSUSE Security Update : libxslt (openSUSE-2017-609)

This update for libxslt fixes the following security issues: - CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page bsc1035905. ...

9.3 CVSS | 7.1 AI score | 0.05928 EPSS
Exploits 1 | References 8

RedhatCVE
added 2017/05/23 11:57 a.m. | 29 views

CVE-2017-9182

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (use-after-free and invalid heap read), related to the GETCOLOR function in color.c:16:11...

9.8 CVSS | 5.4 AI score | 0.00849 EPSS
Exploits 0 | References 1

OSV
added 2017/05/23 5:29 a.m. | 5 views

CVE-2017-9211

The cryptoskcipherinittfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows local users to cause a denial of service (NULL pointer dereference) via a crafted application...

5.5 CVSS | 6.2 AI score
Exploits 0 | References 3

CVE
added 2017/05/19 6:25 a.m. | 234 views

CVE-2017-9076

CVE-2017-9076 is a Linux kernel issue reported in the CentOS/Red Hat advisory set (CESA-2018:1854) tied to the IPv6 DCCP implementation. The vulnerability arises from mishandling of inheritance in the IPv6 DCCP code, allowing a local attacker to cause a denial of service or possibly other unspeci...

7.8 CVSS | 7.9 AI score | 0.00074 EPSS
Exploits 5 | References 10 | Affected Software 1

Prion
added 2017/05/08 2:29 p.m. | 17 views

Null pointer dereference

The joinpthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive...

4.3 CVSS | 5.4 AI score | 0.00184 EPSS
Exploits 0 | References 3 | Affected Software 1

Veracode
added 2017/05/02 8:14 a.m. | 9 views

Remote Code Execution (RCE)

nameless-cli is vulnerable to remote code execution (RCE). A malicious user can inject and execute arbitrary code due to the lack of sanitization of user input before executing the eval function...

8.2 AI score
Exploits 0

CNVD
added 2017/03/22 12:0 a.m. | 1 views

Linux kernel 'sg_ioctl' function denial of service vulnerability

Linux kernel is an open source operating system. A security vulnerability exists in the 'sg_ioctl' function in the drivers/scsi/sg.c file of Linux kernel. A local attacker can exploit this vulnerability to conduct a denial of service attack and crash the system...

7.8 CVSS | 7 AI score | 0.00039 EPSS
Exploits 0 | References 1

OSV
added 2017/02/03 7:59 p.m. | 1 views

DEBIAN-CVE-2016-10165

The TypeMLURead function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read...

7.1 CVSS | 6.8 AI score | 0.00555 EPSS
Exploits 0 | References 1

OSV
added 2017/01/29 10:31 p.m. | 7 views

MGASA-2017-0031 Updated python-bottle packages fix security vulnerability

redirect in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect("233\r\nSet-Cookie: name=salt") call. CVE-2016-9964...

6.5 CVSS | 6.3 AI score | 0.01211 EPSS
Exploits 0 | References 3