Lucene search
K

142 matches found

RedhatCVE
RedhatCVE
added 2017/07/19 12:18 p.m.31 views

CVE-2017-9814

cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read because of mishandling of an unexpected malloc0 call...

7.5CVSS4.9AI score0.03463EPSS
Exploits1References1
CNVD
CNVD
added 2017/07/19 12:0 a.m.28 views

cairo cairo-truetype-subset.c file denial of service vulnerability

cairo is a cross-platform open source vector graphics library developed by software developers Carl Worth and Behdad Esfahbod, which supports 2D drawing in multiple contexts and provides high-quality display and printouts. A security vulnerability exists in the cairo-truetype-subset.c file in cai...

7.5CVSS5.7AI score0.03463EPSS
Exploits1References1
OSV
OSV
added 2017/07/17 1:18 p.m.2 views

UBUNTU-CVE-2017-9814

cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read because of mishandling of an unexpected malloc0 call...

7.5CVSS6.6AI score0.03463EPSS
Exploits1References4
Cvelist
Cvelist
added 2017/07/14 5:0 a.m.29 views

CVE-2017-9814

cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read because of mishandling of an unexpected malloc0 call...

7.3AI score0.03463EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2017/07/14 12:0 a.m.3 views

PT-2017-19200 · Cairo +3 · Cairo +3

Name of the Vulnerable Software and Affected Versions: cairo versions 1.15.6 and earlier Description: The issue allows remote attackers to cause a denial of service due to an out-of-bounds read. This is because of mishandling of an unexpected malloc0 call in the cairo-truetype-subset.c file...

7.8CVSS6AI score0.07784EPSS
Exploits4References61
RedhatCVE
RedhatCVE
added 2017/06/16 12:52 p.m.36 views

CVE-2017-7375

A flaw in libxml2 allows remote XML entity inclusion with default parser flags i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes. Depending on the context, this may expose a higher-risk attack surface in libxml2 not...

9.8CVSS1AI score0.0264EPSS
Exploits0References1
Fedora
Fedora
added 2016/07/06 5:52 a.m.36 views

[SECURITY] Fedora 22 Update: mingw-xerces-c-3.1.4-1.fc22

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Xerces-C is faithful to the XML 1.0...

10CVSS2.8AI score0.14138EPSS
Exploits0
Jake Archibald's Blog
Jake Archibald's Blog
added 2014/08/19 12:0 a.m.14 views

Minimising font downloads

Optimising fonts is pretty difficult for larger sites. There's an easy solution, although only some browsers support it. Translations Français Fonts can be big Really big. They can be anywhere from 70k to many megabytes compressed of course, because why wouldn't you?. You want bold? Well, you jus...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2014/03/24 12:0 a.m.75 views

php-font-lib 0.3 Cross Site Scripting

========================================================== php-font-lib - Subset maker makesubset.php Reflected Cross-site Scripting Revision 1.0 ========================================================== Author: Daniel C. Marques @0xc0da Release date: 2014-03-23 Reference:...

4.3CVSS6.6AI score0.02135EPSS
Exploits3
seebug.org
seebug.org
added 2012/08/21 12:0 a.m.110 views

PostgreSQL 'xslt_process()'任意文件创建或覆盖漏洞

Bugtraq ID:55072 CVE ID: CVE-2012-3488 PostgreSQL是一款对象关系型数据库管理系统,支持扩展的SQL标准子集。 PostgreSQL解析XSLT样式表时"xsltprocess"函数存在错误,允许攻击者利用漏洞创建或覆盖任意文件。 0 PostgreSQL 8.x PostgreSQL 9.x 厂商解决方案 PostgreSQL 9.1.5, 9.0.9, 8.4.13或8.3.20已经修复此漏洞,建议用户下载使用: http://www.postgresql.org...

4.9CVSS6.9AI score0.03297EPSS
Exploits1
Ubuntu
Ubuntu
added 2012/05/08 7:41 a.m.77 views

USN-1440-1: Linux kernel (Natty backport) vulnerabilities

A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the...

7.8CVSS6.4AI score0.02678EPSS
Exploits5
Ubuntu
Ubuntu
added 2012/05/01 5:24 a.m.71 views

USN-1433-1: Linux kernel (Oneiric backport) vulnerabilities

A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the...

7.8CVSS6.3AI score0.01014EPSS
Exploits5
Ubuntu
Ubuntu
added 2012/05/01 3:41 a.m.80 views

USN-1431-1: Linux kernel vulnerabilities

A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the...

7.8CVSS6.3AI score0.01014EPSS
Exploits5
OpenVAS
OpenVAS
added 2012/04/13 12:0 a.m.43 views

Ubuntu Update for linux-lts-backport-maverick USN-1421-1

Ubuntu Update for Linux kernel vulnerabilities USN-1421-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14211.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux-lts-backport-maverick USN-1421-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH,...

10CVSS0.01014EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2012/04/13 12:0 a.m.52 views

Ubuntu Update for linux USN-1422-1

Ubuntu Update for Linux kernel vulnerabilities USN-1422-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14221.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux USN-1422-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

10CVSS0.2AI score0.01014EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2012/04/13 12:0 a.m.62 views

Ubuntu 11.04 : linux vulnerabilities (USN-1422-1)

Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. CVE-2011-4347 Stephan Barwolf discovered a flaw in the KVM kernel-based virtual machin...

7.8CVSS6.5AI score0.01014EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2012/03/29 12:0 a.m.36 views

Ubuntu Update for linux USN-1405-1

Ubuntu Update for Linux kernel vulnerabilities USN-1405-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14051.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux USN-1405-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

10CVSS0.5AI score0.01014EPSS
Exploits7References2
Packet Storm
Packet Storm
added 2009/01/14 12:0 a.m.25 views

Cisco VLAN Trunking Protocol Denial Of Service

/DoS code for Cisco VLAN Trunking Protocol Vulnerability vulerability discription: http://www.cisco.com/warp/public/707/cisco-sr-20081105-vtp.shtml To Known: 1.the switch must in Server/Client Mode. 2.the port ,attacker connected,must be in trunk Mode. Cisco Ethernet ports with no configuration a...

0.2AI score
Exploits0
Prion
Prion
added 2007/08/08 10:17 p.m.16 views

Buffer overflow

Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges...

6.9CVSS7AI score0.00345EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2007/08/08 10:17 p.m.13 views

CVE-2007-4237

Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges...

6.9CVSS6.7AI score0.00345EPSS
Exploits0References6
Rows per page
Query Builder