HDF5 divide by zero error vulnerability (CNVD-2019-03452)

HDF5 is a free suite of tools for managing the storage of different types of data that can be managed, manipulated, viewed, analyzed, and generated in portable formats. A divide-by-zero error vulnerability exists in the 'H5Dchunksetinforeal' function of the H5Dchunk.c file in HDF5 version 1.10.3,...

PT-2018-3951 · Hdf5 +4 · Hdf5 +4

Name of the Vulnerable Software and Affected Versions: HDF5 version 1.10.3 Description: The issue arises from incorrect protection against division by zero in the H5D chunk set info real function of the H5Dchunk.c component in the HDF5 library. This can lead to a SIGFPE signal being raised when...

MapProxy Cross-Site Scripting Vulnerability

MapProxy is an open source geospatial data proxy that caches, accelerates and transforms existing map service data. A cross-site scripting vulnerability exists in the demo service in MapProxy 1.10.3 and earlier versions. A remote attacker can exploit this vulnerability to obtain information...

gstreamer-plugins-base: Floating point exception in gst_riff_create_audio_caps

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service floating point exception and crash via a crafted video file...

gstreamer-plugins-good: Invalid memory read in gst_aac_parse_sink_setcaps

The gstaacparsesinksetcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service invalid memory read and crash via a crafted audio file...

ALPINE-CVE-2017-5839

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service stack overflow and crash via vectors involving nested WAVEFORMATEX...

DEBIAN-CVE-2017-5843

Multiple use-after-free vulnerabilities in the 1 gstminiobjectunref, 2 gsttaglistunref, and 3 gstmxfdemuxupdateessencetracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service crash via vectors involving stream tags, as demonstrated by 02785736.mxf...

UBUNTU-CVE-2017-5843

Multiple use-after-free vulnerabilities in the 1 gstminiobjectunref, 2 gsttaglistunref, and 3 gstmxfdemuxupdateessencetracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service crash via vectors involving stream tags, as demonstrated by 02785736.mxf...

UBUNTU-CVE-2017-5837

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service floating point exception and crash via a crafted video file...

InstantCMS 1.10.3 - Blind SQL Injection

Advisory ID: HTB23185 Product: InstantCMS Vendor: InstantSoft Vulnerable Versions: 1.10.3 and probably prior Tested Version: 1.10.3 Advisory Publication: November 20, 2013 without technical details Vendor Notification: November 20, 2013 Vendor Patch: November 21, 2013 Public Disclosure: December...

InstantCMS 1.10.3 SQL Injection Vulnerability

InstantCMS version 1.10.3 suffers from a remote SQL injection vulnerability. Vendor: InstantSoft Vulnerable Versions: 1.10.3 and probably prior Tested Version: 1.10.3 Advisory Publication: November 20, 2013 without technical details Vendor Notification: November 20, 2013 Vendor Patch: November 21...

Wireshark 1.10.x < 1.10.3 Multiple DoS Vulnerabilities

The installed version of Wireshark 1.10.x is earlier than 1.10.3. It is, therefore, affected by denial of service vulnerabilities in the following dissectors : - IEEE 802.15.4 Bug 9139 - NBAP Bug 9168 - SIP Bug 9228 - ActiveMQ OpenWire Bug 9248 - TCP Bug 9263 C Tenable Network Security, Inc...

DEBIAN-CVE-2013-6337

Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service application crash via a crafted packet...

Home FTP Server Multiple Directory Traversal Vulnerabilities

Home Ftp Server is prone to directory traversal vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...