|
253321
|
5.5 |
MEDIUM
Local
|
jasper_project
|
jasper
|
libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
|
NVD-CWE-noinfo
|
CVE-2017-5502
|
2024-11-21 12:27 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253322
|
5.5 |
MEDIUM
Local
|
jasper_project
|
jasper
|
Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-5501
|
2024-11-21 12:27 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253323
|
5.5 |
MEDIUM
Local
|
jasper_project
|
jasper
|
libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
|
NVD-CWE-noinfo
|
CVE-2017-5500
|
2024-11-21 12:27 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253324
|
5.5 |
MEDIUM
Local
|
jasper_project
|
jasper
|
Integer overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-5499
|
2024-11-21 12:27 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253325
|
5.5 |
MEDIUM
Local
|
jasper_project
|
jasper
|
libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
|
NVD-CWE-noinfo
|
CVE-2017-5498
|
2024-11-21 12:27 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253326
|
9.8 |
CRITICAL
Network
|
tigervnc
|
tigervnc
|
Buffer overflow in the ModifiablePixelBuffer::fillRect function in TigerVNC before 1.7.1 allows remote servers to execute arbitrary code via an RRE message with subrectangle outside framebuffer bound…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5581
|
2024-11-21 12:27 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253327
|
9.8 |
CRITICAL
Network
|
opentext
|
documentum_d2
|
OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the BeanShell (bsh) and Apache Commons C…
|
CWE-20
Improper Input Validation
|
CVE-2017-5586
|
2024-11-21 12:27 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253328
|
8.8 |
HIGH
Network
|
opentext
|
documentum_content_server
|
OpenText Documentum Content Server (formerly EMC Documentum Content Server) 7.3, when PostgreSQL Database is used and return_top_results_row_based config option is false, does not properly restrict D…
|
CWE-74
Injection
|
CVE-2017-5585
|
2024-11-21 12:27 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253329
|
9.8 |
CRITICAL
Network
|
dotcms
|
dotcms
|
An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query e…
|
CWE-89
SQL Injection
|
CVE-2017-5344
|
2024-11-21 12:27 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253330
|
7.5 |
HIGH
Network
|
fedoraproject
gnu
|
fedora
ed
|
regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.
|
CWE-416
Use After Free
|
CVE-2017-5357
|
2024-11-21 12:27 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
