Lucene search
+L

525 matches found

CNVD
CNVD
added 2018/03/07 12:0 a.m.3 views

ZZIPlib Invalid Memory Address Dereference Vulnerability

ZZIPlib is a set of lightweight file compression tools. A security vulnerability exists in the 'zzipdiskfread' function of the mmapped.c file in ZZIPlib version 0.13.68. An attacker can exploit this vulnerability to cause a denial of service reverse reference to an invalid memory address and cras...

6.5CVSS6.7AI score0.01723EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/03/06 5:0 p.m.17 views

CVE-2018-7725

An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzipdiskfread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service...

5.7AI score0.01723EPSS
Exploits1References4
Cvelist
Cvelist
added 2018/02/22 12:0 a.m.31 views

CVE-2018-7284

A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the respjsippubsub module stores the accepted formats present in the Accept headers of the request. Th...

7.5AI score0.58284EPSS
Exploits5References5
Cvelist
Cvelist
added 2018/02/15 10:0 a.m.19 views

CVE-2017-12722

An Out-of-bounds Read issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump reads memory out of bounds, causing the communications module to crash. Smiths Medical assesses that the crash of the...

6AI score0.02461EPSS
Exploits0References3
OSV
OSV
added 2018/02/12 3:29 p.m.3 views

USN-3566-1 php5 vulnerabilities

It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting XSS attacks. CVE-2018-5712 It was discovered that PHP incorrectly handled memory when unserializing certain data. A remote attacker could use thi...

9.8CVSS7AI score0.79949EPSS
Exploits2References4
OSV
OSV
added 2018/01/05 8:29 a.m.3 views

CVE-2017-16728

An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple vulnerabilities that may allow an attacker to cause the program to use an invalid memory address, resulting in a program crash...

7.5CVSS5.8AI score0.02079EPSS
Exploits0References2
CVE
CVE
added 2018/01/05 8:0 a.m.73 views

CVE-2017-16728

CVE-2017-16728 concerns Advantech WebAccess before 8.3, where an untrusted pointer dereference in the webvrpcs/drawsrv components can cause invalid memory dereference. Public sources describe potential crashes and, in ZDI advisories, remote code execution scenarios without authentication via IOCT...

7.5CVSS7.4AI score0.02079EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/01/02 12:0 a.m.5 views

Linux kernel memory misreference vulnerability

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'the usbtvprobe' function in the drivers/media/usb/usbtv/usbtv-core.c file in Linux kernel 4.14.10 and earlier. An attacker can...

5.5CVSS7.8AI score0.00399EPSS
Exploits0References1
OSV
OSV
added 2017/10/27 9:29 p.m.2 views

DEBIAN-CVE-2017-15938

dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, miscalculates DWFORMrefaddr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service findabstractinstancename invalid memory read, segmentation...

7.5CVSS8.9AI score0.04726EPSS
Exploits0References1
OSV
OSV
added 2017/10/23 12:0 a.m.4 views

UBUNTU-CVE-2017-1000257

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...

9.1CVSS7.4AI score0.06224EPSS
Exploits0References5
CNVD
CNVD
added 2017/09/18 12:0 a.m.7 views

ImageMagick Denial of Service Vulnerability (CNVD-2017-27286)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the DrawGetStrokeDashArray function of the wand/drawing-wand.c file in...

6.5CVSS7.2AI score0.01485EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/18 12:0 a.m.4 views

minidjvu denial of service vulnerability (CNVD-2017-25769)

minidjvu is a command-line utility for encoding and decoding single-page black-and-white DjVu files with the ability to compress multiple pages, taking advantage of similarities between pages. The mdjvubitmappackrow function denial of service vulnerability in base/4bitmap.c in Minidjvu allows an...

6.5CVSS6.3AI score0.00882EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/08/10 11:20 p.m.4 views

Mozilla: Use-after-free resizing image elements (MFSA 2017-19)

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects...

9.8CVSS7.3AI score0.02711EPSS
Exploits1References5
OSV
OSV
added 2017/07/27 6:29 a.m.4 views

DEBIAN-CVE-2017-9259

The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service memory allocation error and application crash via a crafted wav file...

5.5CVSS6.2AI score0.06151EPSS
Exploits3References1
CNVD
CNVD
added 2017/07/21 12:0 a.m.2 views

WebKit memory corruption vulnerability in multiple Apple products (CNVD-2017-16618)

Apple iOS, iCloud for Windows, iTunes for Windows, Safari, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. WebKit is an open source web...

8.8CVSS7.7AI score0.08059EPSS
Exploits4References1
OSV
OSV
added 2017/07/20 12:0 a.m.1 views

UBUNTU-CVE-2017-7046

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote...

8.8CVSS7.7AI score0.07209EPSS
Exploits4References10
exploitpack
exploitpack
added 2017/07/07 12:0 a.m.16 views

Firefox 54.0.1 - Denial of Service

Firefox 54.0.1 - Denial of Service + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/FIREFOX-v54.0.1-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Vendor: =============== www.mozilla.org Product: =============== Firefox v54.0....

7.3AI score
Exploits0
0day.today
0day.today
added 2017/07/07 12:0 a.m.21 views

Firefox 54.0.1 - Denial of Service Exploit

Exploit for windows platform in category dos / poc + Credits: John Page aka hyp3rlinx Vendor: =============== www.mozilla.org Product: =============== Firefox v54.0.1 Vulnerability Type: =================== Denial Of Service Security Issue: ================ Dynamically creating HTML elements...

0.2AI score
Exploits0
Veracode
Veracode
added 2017/07/05 5:43 a.m.22 views

Denial Of Service (DoS) Through Memory Leak

ImageMagick is vulnerable to denial of service DoS attacks. A malicious user can pass a MAT image file to the application to cause a memory leak. This can cause the application to run out of memory and crash...

5.5CVSS6.2AI score0.01237EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/06/07 1:29 a.m.3 views

ALPINE-CVE-2017-9469

In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause a crash...

7.5CVSS6.9AI score0.06084EPSS
Exploits0References1
Rows per page
Query Builder