Total
473 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-13751 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack. | |||||
CVE-2017-13750 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack. | |||||
CVE-2017-13749 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack. | |||||
CVE-2017-13747 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack. | |||||
CVE-2017-13746 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack. | |||||
CVE-2017-13745 | 1 Jasper Project | 1 Jasper | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154. | |||||
CVE-2017-13727 | 1 Libtiff | 1 Libtiff | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. | |||||
CVE-2017-13726 | 1 Libtiff | 1 Libtiff | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. | |||||
CVE-2017-13673 | 1 Qemu | 1 Qemu | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the cpu_physical_memory_snapshot_get_dirty function. | |||||
CVE-2017-13658 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c. | |||||
CVE-2017-13132 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompressed PseudoColor packets" step, which allows attackers to cause a denial of service (assertion failure in WriteBlobStream in MagickCore/blob.c) via a crafted file. | |||||
CVE-2017-12960 | 1 Gnu | 1 Pspp | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. | |||||
CVE-2017-12959 | 1 Gnu | 1 Pspp | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack. | |||||
CVE-2017-12670 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service. | |||||
CVE-2017-12434 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c. | |||||
CVE-2017-12168 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 6.0 MEDIUM |
The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11 allows privileged KVM guest OS users to cause a denial of service (assertion failure and host OS crash) by accessing the Performance Monitors Cycle Count Register (PMCCNTR). | |||||
CVE-2017-11692 | 1 Yaml-cpp Project | 1 Yaml-cpp | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string. | |||||
CVE-2017-11683 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. | |||||
CVE-2017-11524 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file. | |||||
CVE-2017-11368 | 2 Fedoraproject, Mit | 3 Fedora, Kerberos, Kerberos 5 | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests. |