CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

312 matches found

OSV•added 2017/10/18 9:29 p.m.•0 views

UBUNTU-CVE-2017-15600

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTORnsfextractmethod function of plugins/nsfextractor.c...

7.5CVSS7.1AI score0.01659EPSS

Exploits1References5

Prion•added 2017/10/18 9:29 p.m.•12 views

Integer overflow

In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTORnsfeextractmethod function in plugins/nsfeextractor.c, leading to an infinite loop for a crafted size...

5CVSS7.3AI score0.00408EPSS

Exploits1References3Affected Software1

OSV•added 2017/10/18 9:29 p.m.•4 views

CVE-2017-15600

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTORnsfextractmethod function of plugins/nsfextractor.c...

7.5CVSS7.4AI score

Exploits0References4

OSV•added 2017/10/18 9:29 p.m.•4 views

CVE-2017-15602

7.5CVSS7.3AI score

Exploits0References3

OSV•added 2017/10/18 9:29 p.m.•6 views

CVE-2017-15601

In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTORpngextractmethod function in plugins/pngextractor.c, related to processiTXt and stndup...

7.5CVSS7.6AI score

Exploits0References3

Prion•added 2017/10/18 9:29 p.m.•18 views

Null pointer dereference

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTORnsfextractmethod function of plugins/nsfextractor.c...

5CVSS7.5AI score0.01659EPSS

Exploits1References4Affected Software1

OSV•added 2017/10/18 9:29 p.m.•1 views

DEBIAN-CVE-2017-15600

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTORnsfextractmethod function of plugins/nsfextractor.c...

7.5CVSS7.6AI score0.01659EPSS

Exploits1References1

CVE•added 2017/10/18 9:0 p.m.•74 views

CVE-2017-15602

GNU Libextractor 1.4 contains a signedness error in EXTRACTOR_nsfe_extract_method (plugins/nsfe_extractor.c) that can cause an infinite loop when given a crafted chunk size. Affected component is the nsfe_extractor, with the root cause described as an integer signedness issue for chunk size. The ...

7.5CVSS7.2AI score0.00408EPSS

Exploits1References3Affected Software1

Cvelist•added 2017/10/18 9:0 p.m.•20 views

CVE-2017-15601

In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTORpngextractmethod function in plugins/pngextractor.c, related to processiTXt and stndup...

7.7AI score0.00432EPSS

Exploits1References3

CVE•added 2017/10/18 9:0 p.m.•64 views

CVE-2017-15600

CVE-2017-15600 affects GNU Libextractor version 1.4 and involves a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function (plugins/nsf_extractor.c). The issue can cause a denial of service via a crash when processing certain inputs. The initial description and connected documents c...

7.5CVSS7.3AI score0.01659EPSS

Exploits1References4Affected Software1

Cvelist•added 2017/10/18 9:0 p.m.•17 views

CVE-2017-15600

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTORnsfextractmethod function of plugins/nsfextractor.c...

7.4AI score0.01659EPSS

Exploits1References4

Cvelist•added 2017/10/18 9:0 p.m.•22 views

CVE-2017-15602

7.3AI score0.00408EPSS

Exploits1References3

Debian CVE•added 2017/10/18 9:0 p.m.•23 views

CVE-2017-15602

7.5CVSS7.4AI score0.00408EPSS

Exploits1

CVE•added 2017/10/18 9:0 p.m.•67 views

CVE-2017-15601

CVE-2017-15601: In GNU Libextractor 1.4, there is a heap-based buffer overflow in EXTRACTOR_png_extract_method (plugins/png_extractor.c), related to processiTXt and stndup. Affected as part of Libextractor vulnerabilities tracked across USN/DLA advisories and CNVD entry; impacts include potential...

7.5CVSS7.5AI score0.00432EPSS

Exploits1References3Affected Software1

CNVD•added 2017/10/12 12:0 a.m.•1 views

GNU Libextractor Denial of Service Vulnerability

GNU Libextractor is a set of libraries developed by the GNU Project for extracting metadata from files. A denial of service vulnerability exists in the 'EXTRACTORwavextractmethod' method of the wavextractor.c file in GNU Libextractor version 1.4, which stems from the program failing to detect the...

5.5CVSS6AI score0.00363EPSS

Exploits1References1

CNVD•added 2017/10/12 12:0 a.m.•1 views

GNU Libextractor Denial of Service Vulnerability (CNVD-2017-30423)

GNU Libextractor is a set of libraries developed by the GNU Project for extracting metadata from files. A denial of service vulnerability exists in the 'flacmetadata' function of the flacextractor.c file in GNU Libextractor version 1.4. An attacker can exploit this vulnerability to cause a denial...

7.5CVSS7.4AI score0.0066EPSS

Exploits1References1

OSV•added 2017/10/11 5:29 p.m.•0 views

UBUNTU-CVE-2017-15267

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flacmetadata in flacextractor.c...

7.5CVSS7.1AI score0.0066EPSS

Exploits1References6

OSV•added 2017/10/11 5:29 p.m.•8 views

CVE-2017-15266

In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTORwavextractmethod in wavextractor.c via a zero sample rate...

5.5CVSS7.3AI score

Exploits0References5