VYPR

linux

by Debian

Source repositories

CVEs (3,007)

  • CVE-2017-5637HigOct 10, 2017
    risk 0.58cvss 7.5epss 0.74

    Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue,…

  • CVE-2017-14495HigOct 3, 2017
    risk 0.58cvss 7.5epss 0.84

    Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.

  • CVE-2017-14160HigSep 21, 2017
    risk 0.58cvss 8.8epss 0.05

    The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file.

  • CVE-2017-14482HigSep 14, 2017
    risk 0.58cvss 8.8epss 0.04

    GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in…

  • CVE-2017-14152HigSep 5, 2017
    risk 0.58cvss 8.8epss 0.05

    A mishandled zero case was discovered in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_write_bytes_LE in…

  • CVE-2017-14151HigSep 5, 2017
    risk 0.58cvss 8.8epss 0.05

    An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_mqc_flush in lib/openjp2/mqc.c…

  • CVE-2017-1000083HigSep 5, 2017
    risk 0.58cvss 7.8epss 0.50

    backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring, as demonstrated by a…

  • CVE-2017-0899CriAug 31, 2017
    risk 0.58cvss 9.8epss 0.11

    RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences.

  • CVE-2017-14041HigAug 30, 2017
    risk 0.58cvss 8.8epss 0.06

    A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

  • CVE-2017-14040HigAug 30, 2017
    risk 0.58cvss 8.8epss 0.05

    An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact.

  • CVE-2017-14039HigAug 30, 2017
    risk 0.58cvss 8.8epss 0.04

    A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.

  • CVE-2017-12904HigAug 23, 2017
    risk 0.58cvss 8.8epss 0.06

    Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL.

  • CVE-2017-9935HigJun 26, 2017
    risk 0.58cvss 8.8epss 0.04

    In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or…

  • CVE-2017-8386HigJun 1, 2017
    risk 0.58cvss 8.8epss 0.12

    git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository…

  • CVE-2016-9842HigMay 23, 2017
    risk 0.58cvss 8.8epss 0.05

    The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.

  • CVE-2016-9840HigMay 23, 2017
    risk 0.58cvss 8.8epss 0.05

    inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

  • CVE-2017-6891HigMay 22, 2017
    risk 0.58cvss 8.8epss 0.06

    Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility.

  • CVE-2017-9078HigMay 19, 2017
    risk 0.58cvss 8.8epss 0.05

    The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled.

  • CVE-2017-8361HigApr 30, 2017
    risk 0.58cvss 8.8epss 0.04

    The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.

  • CVE-2016-8862HigFeb 15, 2017
    risk 0.58cvss 8.8epss 0.04

    The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.

Page 12 of 151