Lucene search
K

353 matches found

CNVD
CNVD
added 2021/07/22 12:0 a.m.13 views

PDF2JSON CCITTFaxStream::lookChar Denial of Service Vulnerability

PDF2JSON is a conversion library based on XPDF 3.02 that can be used to convert PDF pages page by page to JSON and XML formats. A denial of service vulnerability exists in the CCITTFaxStream::lookChar function in PDF2JSON version 0.70. The vulnerability stems from an invalid write of size 2. An...

5.5CVSS4.3AI score0.00634EPSS
Exploits1References1
OSV
OSV
added 2021/07/21 6:15 p.m.18 views

CVE-2020-19469

An issue has been found in function DCTStream::reset in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid write of size 8...

5.5CVSS6.7AI score
Exploits0References1
Prion
Prion
added 2021/07/21 6:15 p.m.16 views

Design/Logic Flaw

An issue has been found in function DCTStream::reset in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid write of size 8...

4.3CVSS5.5AI score0.00634EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/07/21 5:10 p.m.42 views

CVE-2020-19469

The CVE concerns PDF2JSON 0.70, where a flaw in DCTStream::reset allows a Denial of Service via an invalid write of size 8. The vulnerability is tied to the PDF2JSON library’s DCTStream::reset routine and is described consistently across multiple sources in the connected documents. The provided m...

5.5CVSS5.4AI score0.00634EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/07/21 5:10 p.m.21 views

CVE-2020-19469

An issue has been found in function DCTStream::reset in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid write of size 8...

5.5AI score0.00634EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2021/07/01 12:0 a.m.43 views

EulerOS 2.0 SP9 : screen (EulerOS-SA-2021-2057)

According to the version of the screen package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service invalid write access and application crash or possibly...

9.8CVSS7.4AI score0.09147EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/05/18 12:0 a.m.24 views

EulerOS 2.0 SP8 : screen (EulerOS-SA-2021-1888)

According to the version of the screen package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service invalid write access and application crash or possibly...

9.8CVSS7.4AI score0.09147EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/03/23 12:0 a.m.21 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : GNU Screen vulnerability (USN-4747-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4747-1 advisory. Felix Weinmann discovered that GNU Screen incorrectly handled certain character sequences. A remote attacker could use this issue to cause...

9.8CVSS7.6AI score0.09147EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2021/03/20 10:2 p.m.44 views

CVE-2018-18312

Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...

9.8CVSS6.2AI score0.12093EPSS
Exploits1References2
OSV
OSV
added 2021/03/05 11:2 a.m.4 views

OESA-2021-1060 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash.CVE-2017-9114 ...

8.8CVSS7.7AI score0.0331EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2021/02/22 12:0 a.m.33 views

EulerOS 2.0 SP2 : openjpeg (EulerOS-SA-2021-1336)

According to the versions of the openjpeg package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability...

9.8CVSS7.7AI score0.05652EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/02/22 12:0 a.m.24 views

EulerOS 2.0 SP2 : OpenEXR (EulerOS-SA-2021-1335)

According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by...

8.8CVSS7.2AI score0.0331EPSS
Exploits2References9
OSV
OSV
added 2021/02/09 8:15 p.m.20 views

CVE-2021-26937

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service invalid write access and application crash or possibly have unspecified other impact via a crafted UTF-8 character sequence...

9.8CVSS7.5AI score
Exploits0References10
Cvelist
Cvelist
added 2021/02/09 7:35 p.m.24 views

CVE-2021-26937

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service invalid write access and application crash or possibly have unspecified other impact via a crafted UTF-8 character sequence...

9.9AI score0.09147EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2021/02/09 1:0 p.m.38 views

CVE-2021-26937

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service invalid write access and application crash or possibly have unspecified other impact via a crafted UTF-8 character sequence...

9.8CVSS6.9AI score0.09147EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.36 views

EulerOS 2.0 SP5 : OpenEXR (EulerOS-SA-2021-1219)

According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - OpenEXR is a high dynamic-range HDR image file format developed by Industrial Light & Magic for use in computer imaging applications. This packa...

8.8CVSS8AI score0.0331EPSS
Exploits1References9
Veracode
Veracode
added 2020/12/06 3:19 a.m.37 views

Arbitrary Code Execution

openexr is vulnerable to arbitrary code execution. An invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code...

8.8CVSS3.6AI score0.03166EPSS
Exploits0References11Affected Software1
Veracode
Veracode
added 2020/12/06 3:19 a.m.33 views

Arbitrary Code Execution

openexr is vulnerable to arbitrary code execution. An invalid write of size 2 in the = operator function in half.h could allow an attacker to crash the application or execute arbitrary code on the host OS...

8.8CVSS3.5AI score0.0331EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2020/11/24 6:15 p.m.4 views

ALPINE-CVE-2020-28928

In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access buffer overflow...

5.5CVSS7.2AI score0.00644EPSS
Exploits0References1
NVD
NVD
added 2020/11/24 6:15 p.m.19 views

CVE-2020-28928

In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access buffer overflow...

5.5CVSS5.6AI score0.00644EPSS
Exploits0References10
Rows per page
Query Builder