| Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-6964 | 7.2 |
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged use
|
21-01-2024 - 01:37 | 28-03-2017 - 01:59 | |
| CVE-2017-5847 | 5.0 |
The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.
|
20-11-2020 - 19:01 | 09-02-2017 - 15:59 | |
| CVE-2017-5846 | 4.3 |
The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors related to the number of
|
30-05-2020 - 18:15 | 09-02-2017 - 15:59 | |
| CVE-2017-5840 | 5.0 |
The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.
|
30-05-2020 - 18:15 | 09-02-2017 - 15:59 | |
| CVE-2016-10198 | 4.3 |
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.
|
30-05-2020 - 18:15 | 09-02-2017 - 15:59 | |
| CVE-2017-2669 | 5.0 |
Dovecot before version 2.2.29 is vulnerable to a denial of service. When 'dict' passdb and userdb were used for user authentication, the username sent by the IMAP/POP3 client was sent through var_expand() to perform %variable expansion. Sending speci
|
09-10-2019 - 23:27 | 21-06-2018 - 13:29 | |
| CVE-2016-9591 | 4.3 |
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.
|
09-10-2019 - 23:20 | 09-03-2018 - 20:29 | |
| CVE-2017-6369 | 6.5 |
Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so.
|
03-10-2019 - 00:03 | 24-03-2017 - 10:59 | |
| CVE-2017-0360 | 3.5 |
file_open in Tryton 3.x and 4.x through 4.2.2 allows remote authenticated users with certain permissions to read arbitrary files via a "same root name but with a suffix" attack. NOTE: This vulnerability exists because of an incomplete fix for CVE-201
|
03-10-2019 - 00:03 | 04-04-2017 - 17:59 | |
| CVE-2016-3822 | 6.8 |
exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds ac
|
05-11-2018 - 20:33 | 05-08-2016 - 20:59 | |
| CVE-2015-6644 | 4.3 |
Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146.
|
17-10-2018 - 10:29 | 06-01-2016 - 19:59 | |
| CVE-2003-0695 | 7.5 |
Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a differe
|
03-05-2018 - 01:29 | 06-10-2003 - 04:00 | |
| CVE-2003-0693 | 10.0 |
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CV
|
03-05-2018 - 01:29 | 22-09-2003 - 04:00 | |
| CVE-2003-0682 | 7.5 |
"Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695.
|
03-05-2018 - 01:29 | 06-10-2003 - 04:00 | |
| CVE-2017-5841 | 5.0 |
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving ncdt tags.
|
05-01-2018 - 02:31 | 09-02-2017 - 15:59 | |
| CVE-2017-5838 | 5.0 |
The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.
|
05-01-2018 - 02:31 | 09-02-2017 - 15:59 | |
| CVE-2017-5845 | 5.0 |
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding t
|
05-01-2018 - 02:31 | 09-02-2017 - 15:59 | |
| CVE-2016-10249 | 6.8 |
Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.12 allows remote attackers to have unspecified impact via a crafted image file, which triggers a heap-based buffer overflow.
|
05-01-2018 - 02:30 | 15-03-2017 - 14:59 | |
| CVE-2016-10199 | 5.0 |
The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value.
|
05-01-2018 - 02:30 | 09-02-2017 - 15:59 | |
| CVE-2016-10251 | 6.8 |
Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.
|
05-01-2018 - 02:30 | 15-03-2017 - 14:59 |