VYPR

Fedora

by Fedoraproject

CVEs (790)

  • CVE-2017-13748HigAug 29, 2017
    risk 0.49cvss 7.5epss 0.05

    There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack.

  • CVE-2017-13747HigAug 29, 2017
    risk 0.49cvss 7.5epss 0.04

    There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack.

  • CVE-2017-13746HigAug 29, 2017
    risk 0.49cvss 7.5epss 0.04

    There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack.

  • CVE-2015-1783HigAug 11, 2017
    risk 0.49cvss 7.5epss 0.03

    The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified vectors.

  • CVE-2015-3405HigAug 9, 2017
    risk 0.49cvss 7.5epss 0.05

    ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the…

  • CVE-2015-5300HigJul 21, 2017
    risk 0.49cvss 7.5epss 0.09

    The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up…

  • CVE-2017-1000050HigJul 17, 2017
    risk 0.49cvss 7.5epss 0.03

    JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service.

  • CVE-2016-6342HigJun 27, 2017
    risk 0.49cvss 7.5epss 0.01

    elog 3.1.1 allows remote attackers to post data as any username in the logbook.

  • CVE-2016-5391HigJun 13, 2017
    risk 0.49cvss 7.5epss 0.03

    libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart).

  • CVE-2016-3704HigJun 13, 2017
    risk 0.49cvss 7.5epss 0.02

    Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords.

  • CVE-2016-10132HigMar 24, 2017
    risk 0.49cvss 7.5epss 0.02

    regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation.

  • CVE-2016-9399HigMar 23, 2017
    risk 0.49cvss 7.5epss 0.04

    The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.

  • CVE-2016-9398HigMar 23, 2017
    risk 0.49cvss 7.5epss 0.06

    The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.

  • CVE-2016-9397HigMar 23, 2017
    risk 0.49cvss 7.5epss 0.04

    The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.

  • CVE-2017-6311HigMar 10, 2017
    risk 0.49cvss 7.5epss 0.03

    gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message.

  • CVE-2016-7972HigMar 3, 2017
    risk 0.49cvss 7.5epss 0.05

    The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.

  • CVE-2016-7970HigMar 3, 2017
    risk 0.49cvss 7.5epss 0.05

    Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors.

  • CVE-2016-7969HigMar 3, 2017
    risk 0.49cvss 7.5epss 0.04

    The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."

  • CVE-2016-9956HigFeb 22, 2017
    risk 0.49cvss 7.5epss 0.03

    The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script.

  • CVE-2017-5357HigFeb 17, 2017
    risk 0.49cvss 7.5epss 0.03

    regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.

Page 10 of 40