Lucene search
K

324 matches found

OSV
OSV
added 2018/05/16 8:24 a.m.5 views

MGASA-2018-0240 Updated graphite2 packages fix security vulnerability

NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of service CVE-2018-7999...

8.8CVSS8.6AI score0.02324EPSS
Exploits1References3
Mageia
Mageia
added 2018/05/16 8:24 a.m.27 views

Updated graphite2 packages fix security vulnerability

NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of service CVE-2018-7999...

8.8CVSS2.8AI score0.02324EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/05/02 12:0 a.m.17 views

EulerOS 2.0 SP2 : graphite2 (EulerOS-SA-2018-1107)

According to the version of the graphite2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which ma...

8.8CVSS6.8AI score0.02324EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/05/02 12:0 a.m.24 views

EulerOS 2.0 SP1 : graphite2 (EulerOS-SA-2018-1106)

According to the version of the graphite2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which ma...

8.8CVSS6.8AI score0.02324EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/04/06 12:0 a.m.19 views

openSUSE Security Update : graphite2 (openSUSE-2018-337)

This update for graphite2 fixes the following issues : - CVE-2018-7999: Fixed a NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of serivce bsc1084850. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security,...

8.8CVSS6.7AI score0.02324EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/04/04 12:0 a.m.24 views

SUSE SLED12 / SLES12 Security Update : graphite2 (SUSE-SU-2018:0858-1)

This update for graphite2 fixes the following issues : - CVE-2018-7999: Fixed a NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of serivce bsc1084850. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...

8.8CVSS6.7AI score0.02324EPSS
Exploits1References4
OSV
OSV
added 2018/04/03 9:59 a.m.3 views

SUSE-SU-2018:0858-1 Security update for graphite2

This update for graphite2 fixes the following issues: - CVE-2018-7999: Fixed a NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of serivce bsc1084850...

8.8CVSS8.5AI score0.02324EPSS
Exploits1References3
CNVD
CNVD
added 2018/03/14 12:0 a.m.2 views

Graphite2 libgraphite2 Denial of Service Vulnerability

Graphite2 is a system of intelligent fonts for working with many kinds of text. libgraphite2 is one of the libraries. A security vulnerability exists in the Segment.cpp file of libgraphite2 in Graphite2 version 1.3.11. An attacker can exploit this vulnerability to cause a denial of service null...

8.8CVSS6.7AI score0.02324EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2018/03/09 7:29 p.m.22 views

CVE-2018-7999

In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file...

8.8CVSS6.8AI score0.02324EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2018/02/04 12:0 a.m.24 views

Debian: Security Advisory (DLA-1013-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.4AI score0.05216EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2017/11/16 12:0 a.m.41 views

Virtuozzo 7 : graphite2 / graphite2-devel (VZLSA-2017-1793)

An update for graphite2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS7.8AI score0.05216EPSS
Exploits6References9
Cloud Foundry
Cloud Foundry
added 2017/09/21 12:0 a.m.58 views

USN-3398-1: graphite2 vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote...

9.8CVSS9.5AI score0.05216EPSS
Exploits6
OpenVAS
OpenVAS
added 2017/08/23 12:0 a.m.41 views

Ubuntu: Security Advisory (USN-3398-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.4AI score0.05216EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2017/08/22 12:0 a.m.46 views

Ubuntu 14.04 LTS / 16.04 LTS : graphite2 vulnerabilities (USN-3398-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3398-1 advisory. Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were...

9.8CVSS7.9AI score0.05216EPSS
Exploits6References8
OSV
OSV
added 2017/08/21 1:7 p.m.3 views

USN-3398-1 graphite2 vulnerabilities

Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or...

9.8CVSS7AI score0.05216EPSS
Exploits6References9
Tenable Nessus
Tenable Nessus
added 2017/08/18 12:0 a.m.41 views

Amazon Linux AMI : graphite2 (ALAS-2017-872)

Vulnerabilities in the Graphite 2 library MFSA 2017-16 A heap-based buffer overflow flaw related to 'lz4::decompress' has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code. CVE-2017-7778 Heap-buffer-overflow write...

9.8CVSS8.2AI score0.05216EPSS
Exploits6References8
Amazon
Amazon
added 2017/08/17 12:0 a.m.41 views

Important: graphite2

Issue Overview: Vulnerabilities in the Graphite 2 library MFSA 2017-16 A heap-based buffer overflow flaw related to "lz4::decompress" has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code. CVE-2017-7778 Heap-buffer-overflow writ...

9.8CVSS9.9AI score0.05216EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2017/08/08 12:0 a.m.268 views

EulerOS 2.0 SP1 : graphite2 (EulerOS-SA-2017-1152)

According to the versions of the graphite2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Various vulnerabilities have been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font...

9.8CVSS7.7AI score0.05216EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2017/08/08 12:0 a.m.233 views

EulerOS 2.0 SP2 : graphite2 (EulerOS-SA-2017-1153)

According to the versions of the graphite2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Various vulnerabilities have been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font...

9.8CVSS7.7AI score0.05216EPSS
Exploits6References8
Mageia
Mageia
added 2017/07/25 10:7 p.m.55 views

Updated graphite2 packages fix security vulnerabilities

An out-of-bounds write triggered with a maliciously crafted Graphite font could lead to a crash or potentially code execution CVE-2017-5436. Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if...

9.8CVSS2.8AI score0.05216EPSS
Exploits6References3
Rows per page
Query Builder