Lucene search
K

203 matches found

Microsoft KB
Microsoft KB
added 2019/10/01 12:0 a.m.34 views

October 1, 2019, update for Office 2016 (KB4475585)

October 1, 2019, update for Office 2016 KB4475585 This article describes update 4475585 for Microsoft Office 2016 that was released on October 1, 2019.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply t...

6.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.4 views

The vulnerability of the histogram construction utility for PGM and PPM files, pnmhistmap, related to segmentation errors, allows a hacker to cause a service failure.

The vulnerability of the histogram construction utility for PGM and PPM files, pnmhistmap, is related to segmentation errors. Exploiting this vulnerability can allow an attacker to cause a service failure in the application by entering a specially crafted sequence of data in the command line...

4CVSS5.5AI score
Exploits0
CNVD
CNVD
added 2018/10/24 12:0 a.m.9 views

TCPFLOW Stack Buffer Overflow Vulnerability

TCPFLOW is a network monitoring tool that records TCP sessions. A stack buffer overflow vulnerability exists in the 'setbit' function of the iptree.h file in TCPFLOW version 1.5.0, which originates from a program receiving an incorrect value, which results in a computation error. An attacker can...

5.5CVSS5.9AI score0.01302EPSS
Exploits1References1
OSV
OSV
added 2018/10/17 4:29 a.m.4 views

ALPINE-CVE-2018-18409

A stack-based buffer over-read exists in setbit at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an addresshistogram call or a gethistogram call...

5.5CVSS7AI score0.01302EPSS
Exploits1References1
OSV
OSV
added 2018/10/17 4:29 a.m.3 views

DEBIAN-CVE-2018-18409

A stack-based buffer over-read exists in setbit at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an addresshistogram call or a gethistogram call...

5.5CVSS5.7AI score0.01302EPSS
Exploits1References1
OSV
OSV
added 2018/10/17 12:0 a.m.3 views

UBUNTU-CVE-2018-18409

A stack-based buffer over-read exists in setbit at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an addresshistogram call or a gethistogram call...

5.5CVSS6.7AI score0.01302EPSS
Exploits1References4
OSV
OSV
added 2018/08/15 8:3 p.m.4 views

GHSA-9WCM-RRVH-QJC8 High severity vulnerability that affects colorscore

Withdrawn, accidental duplicate publish. The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the 1 imagepath, 2 colors, or 3 depth variable...

10CVSS9.8AI score0.0353EPSS
Exploits0References2
OSV
OSV
added 2017/10/24 6:33 p.m.15 views

GHSA-73QW-WW62-M54X colorscore Command Injection vulnerability

The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the 1 imagepath, 2 colors, or 3 depth variable...

10CVSS9.7AI score0.0353EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2017/10/24 6:33 p.m.24 views

colorscore Command Injection vulnerability

The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the 1 imagepath, 2 colors, or 3 depth variable...

10CVSS9.5AI score0.0353EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/08/10 12:0 a.m.7 views

The vulnerability of the console-based graphic editor ImageMagick, which allows a hacker to cause a memory access violation

The vulnerability of the console-based graphic editor ImageMagick arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause the function WriteHISTOGRAMImage in coders/histogram.c to lose acces...

4.3CVSS7AI score0.01515EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2017/07/24 12:0 a.m.3 views

ImageMagick 'coders/histogram.c' Denial of Service Vulnerability

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the 'WriteHISTOGRAMImage' function in the coders/histogram.c file in...

6.5CVSS6.7AI score0.01515EPSS
Exploits0References1
OSV
OSV
added 2017/07/23 3:29 a.m.0 views

DEBIAN-CVE-2017-11531

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage function in coders/histogram.c...

6.5CVSS6.7AI score0.01515EPSS
Exploits0References1
OSV
OSV
added 2017/07/23 3:29 a.m.2 views

UBUNTU-CVE-2017-11531

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage function in coders/histogram.c...

6.5CVSS7.3AI score0.01515EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/07/23 3:0 a.m.30 views

CVE-2017-11531

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage function in coders/histogram.c...

7.1AI score0.01515EPSS
Exploits0References2
CVE
CVE
added 2017/07/23 3:0 a.m.76 views

CVE-2017-11531

CVE-2017-11531 is rejected/not used per the description.

6.5CVSS6.5AI score0.01515EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/03/02 12:0 a.m.8 views

The vulnerability of Google Chrome browser allows a perpetrator to gain access to local files.

The vulnerability of the Histogram component in Google Chrome browser is related to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor to gain access to local files through a specially crafted HTML page...

4.3CVSS6.6AI score0.014EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2017/02/17 7:59 a.m.15 views

Type confusion

Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page...

4.3CVSS5AI score0.014EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2017/02/17 7:59 a.m.3 views

CVE-2017-5023

Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page...

4.3CVSS7.3AI score0.014EPSS
Exploits0References7
OSV
OSV
added 2017/01/27 12:0 a.m.5 views

UBUNTU-CVE-2017-5023

Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page...

4.3CVSS6.7AI score0.014EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/01/26 10:2 p.m.3 views

chromium-browser: type confusion in metrics

Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page...

4.3CVSS7.4AI score0.014EPSS
Exploits0References5
Rows per page
Query Builder