Lucene search
K

310 matches found

OSV
OSV
added 2018/02/04 3:29 p.m.2 views

DEBIAN-CVE-2018-6612

An integer underflow bug in the processEXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-read when processing a malicious JPEG file, which may allow a remote attacker to cause a denial-of-service attack or unspecified other impact...

5.5CVSS7.2AI score0.01138EPSS
Exploits0References1
OSV
OSV
added 2017/12/28 6:29 a.m.4 views

UBUNTU-CVE-2017-17942

In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tifpackbits.c...

8.8CVSS6.9AI score0.02432EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2017/12/20 9:29 a.m.3 views

CVE-2017-17782

In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation...

8.8CVSS7.1AI score0.01843EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2017/12/20 9:29 a.m.5 views

CVE-2017-17787

In GIMP 2.8.22, there is a heap-based buffer over-read in readcreatorblock in plug-ins/common/file-psp.c...

7.8CVSS6.6AI score0.01063EPSS
Exploits0References7
OSV
OSV
added 2017/07/31 1:29 p.m.5 views

CVE-2017-11116

The ExifImageFile::readDQT function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted jpg file...

7.8CVSS6AI score0.0115EPSS
Exploits1References2
OSV
OSV
added 2017/07/23 10:29 p.m.1 views

DEBIAN-CVE-2017-11569

FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights parsettf.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS7.8AI score0.01406EPSS
Exploits0References1
OSV
OSV
added 2017/07/23 10:29 p.m.1 views

DEBIAN-CVE-2017-11568

FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines psread.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS7.8AI score0.01339EPSS
Exploits0References1
OSV
OSV
added 2017/07/23 3:29 a.m.3 views

DEBIAN-CVE-2017-11535

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage function in coders/ps.c...

6.5CVSS7AI score0.01663EPSS
Exploits1References1
OSV
OSV
added 2017/07/23 12:0 a.m.4 views

UBUNTU-CVE-2017-11568

FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines psread.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS7.7AI score0.01339EPSS
Exploits0References4
OSV
OSV
added 2017/06/25 7:29 p.m.5 views

UBUNTU-CVE-2015-9101

The fillbufferresample function in util.c in libmp3lame.a in LAME 3.98.4, 3.98.2, 3.98, 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4 and 3.99.5 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted audio file...

5.5CVSS7AI score0.01885EPSS
Exploits1References6
CNVD
CNVD
added 2017/06/12 12:0 a.m.2 views

ytnef denial of service vulnerability (CNVD-2017-09343)

ytnef is an application library for extracting data from winmail.dat files. A denial of service vulnerability exists in the 'DecompressRTF' function in the lib/ytnef.c file in ytnef version 1.9.2. A remote attacker can exploit this vulnerability to cause a denial of service heap buffer...

5.5CVSS7AI score0.00938EPSS
Exploits1References1
OSV
OSV
added 2017/05/23 4:29 a.m.5 views

UBUNTU-CVE-2017-9164

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GETCOLOR function in color.c:16:11...

9.8CVSS7.4AI score0.01928EPSS
Exploits0References3
OSV
OSV
added 2017/05/23 4:29 a.m.3 views

UBUNTU-CVE-2017-9152

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnmloadraw function in input-pnm.c:346:41...

9.8CVSS7.4AI score0.02054EPSS
Exploits0References3
CNVD
CNVD
added 2017/05/09 12:0 a.m.4 views

PoDoFo Denial of Service Vulnerability (CNVD-2017-07617)

PoDoFo is an open source , written in C++ using the PDF file format library . A denial of service vulnerability exists in the 'PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry' function in the base/PdfXRefStreamParserObject.cpp file in PoDoFo version 0.9.5. ' function is vulnerable to a...

8.8CVSS7AI score0.01625EPSS
Exploits0References1
CNVD
CNVD
added 2017/04/21 12:0 a.m.2 views

libcroco 'cr_input_new_from_uri' function denial of service vulnerability

libcroco is a CSS2 parsing library. A security vulnerability exists in the 'crinputnewfromuri' function in the cr-input.c file in libcroco versions 0.6.11 and 0.6.12. A remote attacker can exploit this vulnerability to cause a denial of service heap buffer out-of-bounds read with the help of a...

5.5CVSS5.7AI score0.02001EPSS
Exploits1References1
OSV
OSV
added 2017/03/17 9:59 a.m.3 views

UBUNTU-CVE-2017-6960

An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the loadapng function and the imagesize variable...

7.5CVSS7.3AI score0.01804EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2017/03/17 12:0 a.m.3 views

PT-2017-17427 · Apng2Gif +1 · Apng2Gif +1

Name of the Vulnerable Software and Affected Versions: apng2gif version 1.7 Description: An issue was discovered related to an integer overflow, resulting in a heap-based buffer over-read. This issue is connected to the load apng function and the imagesize variable. Recommendations: For apng2gif...

7.5CVSS6AI score0.01804EPSS
Exploits0References20
OSV
OSV
added 2016/11/29 11:59 p.m.1 views

DEBIAN-CVE-2016-9480

libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach, related to a "Heap Buffer Over-read" issue affecting the dwarfutil.c component, aka DW201611-006...

9.1CVSS6.7AI score0.03316EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/08/29 12:0 a.m.46 views

SUSE SLES11 Security Update : libxml2 (SUSE-SU-2016:1604-1)

This update for libxml2 fixes the following security issues : - CVE-2016-2073, CVE-2015-8806, CVE-2016-1839: A Heap-buffer overread was fixed in libxml2/dict.c bsc963963, bsc965283, bsc981114. - CVE-2016-4483: Code was added to avoid an out of bound access when serializing malformed strings...

10CVSS7AI score0.1398EPSS
Exploits11References45
OSV
OSV
added 2016/06/09 12:41 p.m.9 views

SUSE-SU-2016:1538-1 Security update for libxml2

This update for libxml2 fixes the following security issues: - CVE-2016-2073, CVE-2015-8806, CVE-2016-1839: A Heap-buffer overread was fixed in libxml2/dict.c bsc963963, bsc965283, bsc981114. - CVE-2016-4483: Code was added to avoid an out of bound access when serializing malformed strings...

10CVSS6.8AI score0.1398EPSS
Exploits11References30
Rows per page
Query Builder