Lucene search
K

663 matches found

Debian CVE
Debian CVE
added 2018/02/04 10:0 p.m.27 views

CVE-2018-6616

In OpenJPEG 2.3.0, there is excessive iteration in the opjt1encodecblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...

5.5CVSS5.9AI score0.01745EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2018/02/04 12:0 a.m.44 views

CVE-2018-6616

In OpenJPEG 2.3.0, there is excessive iteration in the opjt1encodecblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...

5.5CVSS6.8AI score0.01745EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2018/01/27 3:29 p.m.21 views

CVE-2018-6352

In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file...

5.5CVSS6.4AI score0.01021EPSS
Exploits0References2
NVD
NVD
added 2018/01/27 3:29 p.m.16 views

CVE-2018-6352

In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file...

5.5CVSS5.3AI score0.01021EPSS
Exploits0References1
Prion
Prion
added 2018/01/27 3:29 p.m.17 views

Design/Logic Flaw

In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file...

4.3CVSS5.3AI score0.01021EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/01/27 3:29 p.m.14 views

CVE-2018-6352

In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file...

5.5CVSS6.9AI score
Exploits0References1
Cvelist
Cvelist
added 2018/01/27 3:0 p.m.20 views

CVE-2018-6352

In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file...

5.3AI score0.01021EPSS
Exploits0References1
CVE
CVE
added 2018/01/27 3:0 p.m.81 views

CVE-2018-6352

PoDoFo 0.9.5 contains a denial-of-service vulnerability in the PdfParser::ReadObjectsInternal function (base/PdfParser.cpp) caused by excessive iteration on crafted PDF files. This affects PoDoFo 0.9.5 as described in CVE-2018-6352 and is reflected across multiple sources (NVD and CNVD entries). ...

5.5CVSS5.3AI score0.01021EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2018/01/27 3:0 p.m.51 views

CVE-2018-6352

In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file...

5.5CVSS5.4AI score0.01021EPSS
Exploits0
CNVD
CNVD
added 2017/09/22 12:0 a.m.5 views

BladeEnc Buffer Overflow Vulnerability

BladeEnc is a tool with MP3 file compilation capabilities. A buffer overflow vulnerability exists in the 'iterationloop' function of the loop.c file in BladeEnc version 0.94.2. A remote attacker could exploit this vulnerability to cause a denial of service or possibly execute code write across...

9.8CVSS7.8AI score0.03406EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2017/09/21 12:0 a.m.3 views

PT-2017-13609 · Tomsft · Bladeenc

Name of the Vulnerable Software and Affected Versions: BladeEnc version 0.94.2 Description: A global buffer overflow was discovered in the iteration loop function, which causes an out-of-bounds write. This issue can lead to remote denial of service or possibly code execution. Recommendations: For...

9.8CVSS9.8AI score0.03406EPSS
Exploits0References3
exploitpack
exploitpack
added 2017/06/16 12:0 a.m.35 views

WebKit JSC - Intl.getCanonicalLocales Heap Buffer Overflow

WebKit JSC - Intl.getCanonicalLocales Heap Buffer Overflow arrayStorage; storage-msparseMap.clear; storage-mindexBias = 0; storage-mnumValuesInVector = 0; return butterfly; It allocates a fixed sizeBASEARRAYSTORAGEVECTORLEN of memory without caring about |initialLength|. So a BOF occurs in the...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/25 12:0 a.m.33 views

WebKit - 'enqueuePageshowEvent' / 'enqueuePopstateEvent' Universal Cross-Site Scripting

view-frame.page; frame.tree.appendChildchildFrame-view-frame; childFrame-open; enqueuePageshowEventPageshowEventPersisted; HistoryItem historyItem = frame.loader.history.currentItem; if historyItem && historyItem-stateObject mdocument-enqueuePopstateEventhistoryItem-stateObject;...

7.4AI score
Exploits0
Jake Archibald's Blog
Jake Archibald's Blog
added 2017/04/18 3:25 p.m.18 views

Async iterators and generators

Streaming fetches are supported in Chrome, Edge, and Safari, and they look a little like this: async function getResponseSizeurl const response = await fetchurl; const reader = response.body.getReader; let total = 0; while true const done, value = await reader.read; if done return total; total +=...

7.1AI score
Exploits0
Fedora
Fedora
added 2017/04/01 5:53 p.m.23 views

[SECURITY] Fedora 26 Update: R-3.3.3-1.fc26

This is a metapackage that provides both core R userspace and all R development components. R is a language and environment for statistical computing and graphics. R is similar to the award-winning S system, which was developed at Bell Laboratories by John Chambers et al. It provides a wide varie...

8.8CVSS2.4AI score0.02403EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2016/09/02 12:0 a.m.28 views

CVE-2016-5153

The Web Animations implementation in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, improperly relies on list iteration, which allows remote attackers to cause a denial of service use-after-destruction or possibly have unspecified other...

8.8CVSS7.3AI score0.01114EPSS
Exploits0References3
Talos
Talos
added 2016/06/14 12:0 a.m.38 views

Ruby pack_pack Use After Free Vulnerability

Talos Vulnerability Report TALOS-2016-0033 Ruby packpack Use After Free Vulnerability June 14, 2016 CVE Number CVE-2016-2338 DESCRIPTION An exploitable User After Free vulnerability exists in the packpack function of Ruby. In packpack function each element of array which should be “pack”, based o...

9.8CVSS9.5AI score0.04644EPSS
Exploits3
ArchLinux
ArchLinux
added 2015/08/16 12:0 a.m.34 views

glibc: denial of service

It was found that the files backend of Name Service Switch NSS did not isolate iteration over an entire database from key-based look-up API calls. An application performing look-ups on a database while iterating over it could enter an infinite loop, leading to a denial of service...

5CVSS2.4AI score0.05609EPSS
Exploits1References3
Prion
Prion
added 2015/06/15 3:59 p.m.26 views

Code injection

The compatiret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service large loop and system hang via a hypercalliret call with EFLAGS.VM set...

4.9CVSS6.5AI score0.00437EPSS
Exploits0References12Affected Software1
Mageia
Mageia
added 2015/05/06 3:16 p.m.61 views

Updated glibc packages fix security vulnerabilities

Updated glibc package fixes security vulnerabilities: It was discovered that, under certain circumstances, glibc's getaddrinfo function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in...

6.8CVSS9.6AI score0.05808EPSS
Exploits3References7
Rows per page
Query Builder