Lucene search
+L

153 matches found

UbuntuCve
UbuntuCve
added 2018/09/20 8:29 p.m.28 views

CVE-2018-17282

An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference...

6.5CVSS6.8AI score0.02062EPSS
Exploits1References1
OSV
OSV
added 2018/06/27 12:29 p.m.4 views

UBUNTU-CVE-2017-18342

In PyYAML before 5.1, the yaml.load API could execute arbitrary code if used with untrusted data. The load function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function...

9.8CVSS7.1AI score0.06031EPSS
Exploits1References3
seebug.org
seebug.org
added 2018/02/24 12:0 a.m.90 views

Windows Kernel 64-bit stack memory disclosure in win32k!SfnINLPHELPINFOSTRUCT (via user-mode callback)(CVE-2018-0810)

We have discovered that a user-mode callback invoked by the win32k!SfnINLPHELPINFOSTRUCT function via KeUserModeCallback leads to the disclosure of uninitialized stack memory to user-mode clients, due to compiler-introduced structure padding. The vulnerability affects Windows 7 64-bit; other...

5.8AI score0.01615EPSS
Exploits1
OpenVAS
OpenVAS
added 2018/01/17 12:0 a.m.11 views

Debian LTS: Security Advisory for hunspell-en-us (DLA-903-1)

The dictionary provided by this package had an unnecessary unversioned conflict against the thunderbird package which recently got reintroduced into Wheezy. This VT has been deprecated as it doesn SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a reference...

7.3AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/11/17 10:29 p.m.19 views

CVE-2017-1000127

Exiv2 0.26 contains a heap buffer overflow in tiff parser...

5.5CVSS7AI score0.00992EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/11/07 12:0 a.m.31 views

CVE-2017-16644

The hdpvrprobe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service improper error handling and system crash or possibly have unspecified other impact via a crafted USB device...

7.2CVSS6.8AI score0.00399EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2017/07/23 3:29 a.m.33 views

CVE-2017-11553

There is an illegal address access in the extendaliastable function in localealias.c of Exiv2 0.26. A crafted input will lead to remote denial of service...

7.5CVSS6.8AI score0.01738EPSS
Exploits1References1
OSV
OSV
added 2017/06/19 4:29 p.m.6 views

DEBIAN-CVE-2017-1000365

The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMITSTACK/RLIMINFINITY 1/4 of the size, but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel version...

7.8CVSS7.5AI score0.00899EPSS
Exploits0References1
OSV
OSV
added 2017/06/19 3:0 p.m.5 views

UBUNTU-CVE-2017-1000365

The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMITSTACK/RLIMINFINITY 1/4 of the size, but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel version...

7.8CVSS6.6AI score0.00899EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2017/01/10 12:0 a.m.40 views

openSUSE Security Update : tiff (openSUSE-2017-53)

The tiff library and tools were updated to version 4.0.7 fixing various bug and security issues. - CVE-2014-8127: out-of-bounds read with malformed TIFF image in multiple tools bnc914890 - CVE-2016-9297: tifdirread.c read outside buffer in TIFFPrintField bnc1010161 - CVE-2016-3658: Illegal read i...

7.8CVSS7.2AI score0.06471EPSS
Exploits4References22
UbuntuCve
UbuntuCve
added 2015/01/21 12:0 a.m.33 views

CVE-2014-9621

The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string...

5CVSS7.1AI score0.02976EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.24 views

Debian Security Advisory DSA 1225-1 (mozilla-firefox)

The remote host is missing an update to mozilla-firefox announced via advisory DSA 1225-1. Several security related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities:...

7.5CVSS0.05833EPSS
Exploits0
Atlassian
Atlassian
added 2007/03/27 7:41 a.m.20 views

Deleting a custom field which has an issue security scheme or permission scheme on it does not update the index and issue navigator is out of date

emphasized textSimilar to JRA-12410 - deleting a custom field does not adequately clean up after itself. Specifically, affected issues are not reindexed so the updated security and permission aspects are not reflected in search results which is a security hole. Note that a naive fix may produce...

0.3AI score
Exploits0
Rows per page
Query Builder