VYPR

linux

by Debian

Source repositories

CVEs (3,015)

  • CVE-2015-5194HigJul 21, 2017
    risk 0.42cvss 7.5epss 0.06

    The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

  • CVE-2017-11352MedJul 17, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144.

  • CVE-2017-9989MedJun 28, 2017
    risk 0.42cvss 6.5epss 0.02

    util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack.

  • CVE-2017-9988MedJun 28, 2017
    risk 0.42cvss 6.5epss 0.02

    The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack against parser.c.

  • CVE-2017-9735HigJun 16, 2017
    risk 0.42cvss 7.5epss 0.06

    Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.

  • CVE-2015-1207MedJun 6, 2017
    risk 0.42cvss 6.5epss 0.01

    Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file.

  • CVE-2017-9408MedJun 2, 2017
    risk 0.42cvss 6.5epss 0.02

    In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-9406MedJun 2, 2017
    risk 0.42cvss 6.5epss 0.01

    In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-9404MedJun 2, 2017
    risk 0.42cvss 6.5epss 0.01

    In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tif_ojpeg.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-9403MedJun 2, 2017
    risk 0.42cvss 6.5epss 0.01

    In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tif_dirread.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-8379MedMay 23, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.

  • CVE-2017-9144MedMay 22, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.

  • CVE-2017-9143MedMay 22, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file.

  • CVE-2017-9142MedMay 22, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.

  • CVE-2017-9141MedMay 22, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.

  • CVE-2017-9065HigMay 18, 2017
    risk 0.42cvss 7.5epss 0.04

    In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API.

  • CVE-2017-8831MedMay 8, 2017
    risk 0.42cvss 6.4epss 0.00

    The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a…

  • CVE-2017-8112MedMay 2, 2017
    risk 0.42cvss 6.5epss 0.00

    hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.

  • CVE-2017-8086MedMay 2, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable.

  • CVE-2017-8357MedApr 30, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows attackers to cause a denial of service (memory leak) via a crafted file.

Page 57 of 151