In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong...
5.5CVSS
6.2AI Score
0.001EPSS
do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other...
8.8CVSS
5.7AI Score
0.007EPSS
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is...
4.4CVSS
4.8AI Score
0.001EPSS
do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than...
4.4CVSS
5.9AI Score
0.008EPSS
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file...
5.5CVSS
6.9AI Score
0.001EPSS
It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other...
4.3CVSS
4.5AI Score
0.001EPSS
An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to...
5.5CVSS
6.9AI Score
0.001EPSS
An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of...
6.5CVSS
6.5AI Score
0.002EPSS
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of...
6.5CVSS
6.5AI Score
0.001EPSS
An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a....
6.5CVSS
6.7AI Score
0.003EPSS
Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is...
5.5CVSS
7.2AI Score
0.003EPSS
An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by...
5.5CVSS
6.2AI Score
0.001EPSS
It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server,...
6.5CVSS
6.2AI Score
0.005EPSS
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF...
6.5CVSS
5.4AI Score
0.008EPSS
procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a...
7.5CVSS
7.6AI Score
0.005EPSS
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code...
7.8CVSS
8.3AI Score
0.0005EPSS
print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process...
7.5CVSS
8.1AI Score
0.005EPSS
The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued...
7.5CVSS
7.4AI Score
0.002EPSS
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode...
5.9CVSS
6AI Score
0.003EPSS
The ".encfs6.xml" configuration file in encfs before 1.7.5 allows remote attackers to access sensitive data by setting "blockMACBytes" to 0 and adding 8 to...
7.5CVSS
7.3AI Score
0.002EPSS
Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted...
7.8CVSS
7.7AI Score
0.004EPSS
Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to...
6.1CVSS
6.2AI Score
0.002EPSS
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated...
7.5CVSS
7.2AI Score
0.023EPSS
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image...
5.5CVSS
6.4AI Score
0.021EPSS
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified...
7.5CVSS
7.3AI Score
0.007EPSS
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission...
saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION...
7.5CVSS
5.8AI Score
0.003EPSS
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified...
9.8CVSS
6.7AI Score
0.023EPSS
The png coder in ImageMagick allows remote attackers to cause a denial of service...
7.5CVSS
7.1AI Score
0.018EPSS
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory...
7.5CVSS
7.1AI Score
0.021EPSS
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource...
7.5CVSS
7.1AI Score
0.012EPSS
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application...
7.5CVSS
7.1AI Score
0.017EPSS
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib...
5.5CVSS
5.8AI Score
0.013EPSS
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified...
9.8CVSS
7AI Score
0.014EPSS
The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of...
9.8CVSS
7.6AI Score
0.014EPSS
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified...
7.5CVSS
7.1AI Score
0.018EPSS
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image...
5.5CVSS
5.7AI Score
0.009EPSS
The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown...
9.8CVSS
7.6AI Score
0.014EPSS
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle...
5.5CVSS
5.7AI Score
0.011EPSS
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data...
6.1CVSS
5.9AI Score
0.002EPSS
The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML...
5.5CVSS
5.7AI Score
0.005EPSS
coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of...
5.5CVSS
5.8AI Score
0.009EPSS
Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr...
6.5CVSS
7.4AI Score
0.007EPSS
Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF...
6.5CVSS
7.2AI Score
0.007EPSS
Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge...
9.8CVSS
9.4AI Score
0.008EPSS
The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer...
9.8CVSS
9.5AI Score
0.017EPSS
cronic before 3 allows local users to write to arbitrary files via a symlink attack on a (1) cronic.out.$$, (2) cronic.err.$$, or (3) cronic.trace.$$ file in...
6.2CVSS
6.1AI Score
0.001EPSS
SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to...
7.1CVSS
6.8AI Score
0.001EPSS
The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat...
6.2CVSS
6.2AI Score
0.002EPSS
The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two...
6.2CVSS
6.1AI Score
0.002EPSS