514 matches found
CVE-2019-1010173
Jsish 2.4.84 2.0484 is affected by: Reachable Assertion. The impact is: denial of service. The component is: function JsiValueArrayIndex jsiValue.c:366. The attack vector is: executing crafted javascript code. The fixed version is: after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3...
Code injection
Jsish 2.4.84 2.0484 is affected by: Reachable Assertion. The impact is: denial of service. The component is: function JsiValueArrayIndex jsiValue.c:366. The attack vector is: executing crafted javascript code. The fixed version is: after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3...
CVE-2019-1010173
CVE-2019-1010173 affects Jsish 2.4.84 (2.0484). The vulnerability is a Reachable Assertion in Jsi_ValueArrayIndex (jsiValue.c:366) that can cause a denial of service when crafting JavaScript code is executed. The fixed version is available after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3. Ex...
CVE-2019-1010173
Jsish 2.4.84 2.0484 is affected by: Reachable Assertion. The impact is: denial of service. The component is: function JsiValueArrayIndex jsiValue.c:366. The attack vector is: executing crafted javascript code. The fixed version is: after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3...
CVE-2018-20217
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...
Poppler Object::getString reachable assertion vulnerability
Poppler is based on xpdf-3.0 code base PDF rendering library. Poppler 0.72.0 exists Object::getString there is a reachable assertion vulnerability , the vulnerability stems from the Annot.c in the AnnotRichMedia class to build invalid rich media annotated assets , an attacker can use the...
CVE-2018-20217
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...
CVE-2018-20217
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...
Design/Logic Flaw
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...
CVE-2018-20217
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...
CVE-2018-20217
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...
CVE-2018-20217
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...
CVE-2018-20217
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...
UBUNTU-CVE-2018-9055
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpcfirstone in libjasper/jpc/jpcmath.c...
CVE-2017-17722
CVE-2017-17722 relates to Exiv2 0.26 where a reachable assertion in bigtiffimage.cpp readHeader could enable a remote denial of service via a crafted TIFF file. The connected advisories confirm multiple Exiv2-related issues across formats (CRW, PNG, WebP, PSD) and note the fixed version is 0.27.2...
CVE-2017-17722
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file...
Updated exiv2 packages fix security vulnerabilities & bugs
Opening an image created on certain pentax cameras with gwenview, which uses the exiv2 library, causes gwenview to segfault. Exiv2 upstream created a patch to resolve this problem bugfix - applies only to mga6. The following security issues were also fixed: Heap overflow in...
CVE-2017-15371
There is a reachable assertion abort in the function soxappendcomment in formats.c in Sound eXchange SoX 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file...
CVE-2017-15371
There is a reachable assertion abort in the function soxappendcomment in formats.c in Sound eXchange SoX 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file...
CVE-2017-13751
There is a reachable assertion abort in the function calcstepsizes in jpc/jpcdec.c in JasPer 2.0.12 that will lead to a remote denial of service attack...