VYPR
Vendor

Swi Prolog

Products
2
CVEs
4
Across products
5
Status
Private

Products

2

Recent CVEs

4
  • CVE-2017-17524HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.01

    library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

  • CVE-2012-6090Jan 4, 2013
    risk 0.00cvss epss 0.03

    Multiple stack-based buffer overflows in the expand function in os/pl-glob.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted filename.

  • CVE-2012-6089Jan 4, 2013
    risk 0.00cvss epss 0.04

    Multiple stack-based buffer overflows in the canoniseFileName function in os/pl-os.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted filename.

  • CVE-2011-2896Aug 19, 2011
    risk 0.00cvss epss 0.13

    The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the…