UBUNTU-CVE-2017-13008

The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-80211.c:parseelements...

Vision2 - Nmap's XML result parse and NVD's CPE correlation to search CVE

Nmap's XML result parse and NVD's CPE correlation to search CVE. You can use that to find public vulnerabilities in services... Nmap\s XML result parser and NVD's CPE correlation to search CVE Example: python vision2.py -f resultscan.xml -l 3 -o txt Coded by Mthbernades and CoolerVoid -...

Gdk-Pixbuf tiff_image_parse function integer overflow vulnerability

Gdk-Pixbuf is a toolkit for image loading and pixel buffer processing. An integer overflow vulnerability exists in the tiffimageparse function in Gdk-Pixbuf version 2.36.6. A remote attacker can exploit this vulnerability to execute code by sending a file or URL...

DEBIAN-CVE-2017-2870

An exploitable integer overflow vulnerability exists in the tiffimageparse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability...

CVE-2017-2870

An exploitable integer overflow vulnerability exists in the tiffimageparse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability...

UBUNTU-CVE-2017-2870

An exploitable integer overflow vulnerability exists in the tiffimageparse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability...

DEBIAN-CVE-2017-13731

There is an illegal address access in the function postprocesstermcap in parseentry.c in ncurses 6.0 that will lead to a remote denial of service attack...

UBUNTU-CVE-2017-13731

There is an illegal address access in the function postprocesstermcap in parseentry.c in ncurses 6.0 that will lead to a remote denial of service attack...

UBUNTU-CVE-2017-12961

There is an assertion abort in the function parseattributes in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service...

DEBIAN-CVE-2017-12961

There is an assertion abort in the function parseattributes in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service...

The vulnerability of the Oniguruma library, which arises from the use of an uninitialized variable and allows for memory corruption to occur.

The vulnerability of the Oniguruma library arises from an improper change in the state of the parsecharclass function. This allows for the use of an uninitialized variable during writing to the buffer. Exploiting this vulnerability could enable a malicious actor to cause memory corruption by...

Microsoft Edge Charka Failed Re-Parse

Microsoft Edge: Chakra: InterpreterStackFrame::ProcessLinkFailedAsmJsModule incorrectly re-parses CVE-2017-8645 When Chakra fails to link an asmjs module, it tries to re-parse the failed-to-link asmjs function to treat it as a normal javascript function. But it incorrectly handles the case where...

Ledger 'ledger::parse_date_mask_routine' function buffer overflow vulnerability

Ledger is an accounting system written by software developer John Wiegley that supports UNIX commands. A security vulnerability in the 'ledger::parsedatemaskroutine' function in the Ledger times.cc file allows remote attackers to exploit the vulnerability by submitting a special file for denial o...

DEBIAN-CVE-2017-12482

The ledger::parsedatemaskroutine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...

UBUNTU-CVE-2017-12482

The ledger::parsedatemaskroutine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...

DEBIAN-CVE-2017-12418

ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c...

AZL-7263 CVE-2017-11551 affecting package libid3tag 0.15.1b-33

The id3fieldparse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service OOM via a crafted MP3 file...

ALPINE-CVE-2017-11551

The id3fieldparse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service OOM via a crafted MP3 file...

PT-2017-12095 · Underbit +2 · Libid3Tag +2

Name of the Vulnerable Software and Affected Versions: libid3tag version 0.15.1b Description: The issue allows remote attackers to cause a denial of service OOM via a crafted MP3 file. This is due to a problem in the id3 field parse function in field.c. Recommendations: For libid3tag version...

Remote Code Execution (RCE)

Symfony is vulnerable to remote code execution RCE attacks. The Yaml::parse allows attackers to execute PHP code through a PHP file...