Lucene search
+L

514 matches found

OSV
OSV
added 2019/07/23 3:15 p.m.2 views

CVE-2019-1010173

Jsish 2.4.84 2.0484 is affected by: Reachable Assertion. The impact is: denial of service. The component is: function JsiValueArrayIndex jsiValue.c:366. The attack vector is: executing crafted javascript code. The fixed version is: after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3...

7.5CVSS7.1AI score0.01109EPSS
Exploits1References1
Prion
Prion
added 2019/07/23 3:15 p.m.18 views

Code injection

Jsish 2.4.84 2.0484 is affected by: Reachable Assertion. The impact is: denial of service. The component is: function JsiValueArrayIndex jsiValue.c:366. The attack vector is: executing crafted javascript code. The fixed version is: after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3...

5CVSS7.6AI score0.01109EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/07/23 2:0 p.m.42 views

CVE-2019-1010173

CVE-2019-1010173 affects Jsish 2.4.84 (2.0484). The vulnerability is a Reachable Assertion in Jsi_ValueArrayIndex (jsiValue.c:366) that can cause a denial of service when crafting JavaScript code is executed. The fixed version is available after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3. Ex...

7.5CVSS7.5AI score0.01109EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/07/23 2:0 p.m.29 views

CVE-2019-1010173

Jsish 2.4.84 2.0484 is affected by: Reachable Assertion. The impact is: denial of service. The component is: function JsiValueArrayIndex jsiValue.c:366. The attack vector is: executing crafted javascript code. The fixed version is: after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3...

7.5AI score0.01109EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2019/01/10 9:50 p.m.31 views

CVE-2018-20217

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...

5.3CVSS2.5AI score0.01417EPSS
Exploits0References2
CNVD
CNVD
added 2018/12/28 12:0 a.m.3 views

Poppler Object::getString reachable assertion vulnerability

Poppler is based on xpdf-3.0 code base PDF rendering library. Poppler 0.72.0 exists Object::getString there is a reachable assertion vulnerability , the vulnerability stems from the Annot.c in the AnnotRichMedia class to build invalid rich media annotated assets , an attacker can use the...

6.5CVSS7.8AI score0.0195EPSS
Exploits1References1
NVD
NVD
added 2018/12/26 9:29 p.m.19 views

CVE-2018-20217

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...

5.3CVSS5.4AI score0.01417EPSS
Exploits0References6
OSV
OSV
added 2018/12/26 9:29 p.m.31 views

CVE-2018-20217

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...

5.3CVSS6.5AI score
Exploits0References6
Prion
Prion
added 2018/12/26 9:29 p.m.28 views

Design/Logic Flaw

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...

3.5CVSS5.4AI score0.01417EPSS
Exploits0References6Affected Software2
UbuntuCve
UbuntuCve
added 2018/12/26 9:29 p.m.31 views

CVE-2018-20217

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...

5.3CVSS6.7AI score0.01417EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2018/12/26 8:0 p.m.26 views

CVE-2018-20217

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...

5.3CVSS6.1AI score0.01417EPSS
Exploits0
Cvelist
Cvelist
added 2018/12/26 8:0 p.m.20 views

CVE-2018-20217

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...

5.4AI score0.01417EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2018/12/26 8:0 p.m.344 views

CVE-2018-20217

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...

5.3CVSS5.6AI score0.01417EPSS
Exploits0
OSV
OSV
added 2018/03/27 4:29 a.m.2 views

UBUNTU-CVE-2018-9055

JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpcfirstone in libjasper/jpc/jpcmath.c...

5.5CVSS6.5AI score0.01842EPSS
Exploits1References2
CVE
CVE
added 2018/02/12 10:0 p.m.52 views

CVE-2017-17722

CVE-2017-17722 relates to Exiv2 0.26 where a reachable assertion in bigtiffimage.cpp readHeader could enable a remote denial of service via a crafted TIFF file. The connected advisories confirm multiple Exiv2-related issues across formats (CRW, PNG, WebP, PSD) and note the fixed version is 0.27.2...

6.5CVSS6.2AI score0.01173EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/02/12 10:0 p.m.25 views

CVE-2017-17722

In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file...

6.2AI score0.01173EPSS
Exploits1References1
Mageia
Mageia
added 2017/10/30 7:23 p.m.77 views

Updated exiv2 packages fix security vulnerabilities & bugs

Opening an image created on certain pentax cameras with gwenview, which uses the exiv2 library, causes gwenview to segfault. Exiv2 upstream created a patch to resolve this problem bugfix - applies only to mga6. The following security issues were also fixed: Heap overflow in...

8.8CVSS2.1AI score0.03098EPSS
Exploits8References3
OSV
OSV
added 2017/10/16 4:29 a.m.8 views

CVE-2017-15371

There is a reachable assertion abort in the function soxappendcomment in formats.c in Sound eXchange SoX 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file...

5.5CVSS5.5AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2017/10/16 4:29 a.m.27 views

CVE-2017-15371

There is a reachable assertion abort in the function soxappendcomment in formats.c in Sound eXchange SoX 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file...

5.5CVSS6.4AI score0.01629EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2017/08/29 6:29 a.m.29 views

CVE-2017-13751

There is a reachable assertion abort in the function calcstepsizes in jpc/jpcdec.c in JasPer 2.0.12 that will lead to a remote denial of service attack...

7.5CVSS6.8AI score0.03623EPSS
Exploits1References1
Rows per page
Query Builder