Lucene search
K

5 matches found

CVE
CVE
added 2019/02/04 7:0 a.m.811 views

CVE-2019-7317

CVE-2019-7317 is a use-after-free involving png_image_free in libpng. A connected document ties this to the FLTK package, affecting versions less than 1.3.8-1, and states that upgrading to a later FLTK version resolves the issue. If applying this advisory, upgrade FLTK to 1.3.8-1 or newer for rem...

5.3CVSS6.3AI score0.09393EPSS
CVE
CVE
added 2020/11/16 9:0 p.m.442 views

CVE-2020-26217

XStream (Java) vulnerable to remote code execution via insecure XML deserialization. The issue affects versions before 1.4.14 where processing input streams can lead to arbitrary shell execution. The advisory notes that only users relying on a blocklist are affected, while those using the securit...

9.3CVSS8.2AI score0.85001EPSS
Web
CVE
CVE
added 2018/05/16 5:0 p.m.412 views

CVE-2018-11212

CVE-2018-11212 affects libjpeg/libjpeg-turbo: the alloc_sarray function in jmemmgr.c allows a remote attacker to cause a denial of service via a crafted file due to a divide-by-zero error. Public advisories (e.g., ALAS2-2019-1198, ALAS-2019-1286, AL2/ALSA-centos/CESA-2019:2052, Debian DLA-1638-1)...

6.5CVSS6.2AI score0.05074EPSS
CVE
CVE
added 2018/06/26 4:0 p.m.316 views

CVE-2017-7657

CVE-2017-7657 affects Eclipse Jetty: transfer-encoding chunk size parsing could overflow an integer, causing large chunks to be treated as smaller ones and enabling a fake pipelined request that bypasses intermediary authorization. Affected versions include Jetty 9.2.x and older, 9.3.x (all confi...

9.8CVSS9.1AI score0.16154EPSS
CVE
CVE
added 2019/10/09 6:26 p.m.60 views

CVE-2019-5507

NetApp SnapManager for Oracle is affected by an information-disclosure vulnerability prior to version 3.4.2P1, as described in CVE-2019-5507. The issue impacts NetApp SnapManager for Oracle when running versions before 3.4.2P1, enabling disclosure of sensitive information. Remediation is to upgra...

5.5CVSS5.2AI score0.00367EPSS