|
253881
|
6.5 |
MEDIUM
Network
|
libav
|
libav
|
The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault) via a crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-18243
|
2024-11-21 12:19 |
2018-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253882
|
6.5 |
MEDIUM
Network
|
libav
|
libav
|
The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18242
|
2024-11-21 12:19 |
2018-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253883
|
4.8 |
MEDIUM
Network
|
atlassian
|
fisheye
crucible
|
Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and 4.5.0 allow remote attackers with administrative privileges to inject arbitrary HTML or Java…
|
CWE-79
Cross-site Scripting
|
CVE-2017-18094
|
2024-11-21 12:19 |
2018-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253884
|
5.5 |
MEDIUM
Local
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18241
|
2024-11-21 12:19 |
2018-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253885
|
5.5 |
MEDIUM
Local
|
collectd
|
collectd
|
The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownership of PID file directory to the collectd account, which might allow local users to kill arbitrary processes by leveraging access …
|
CWE-20
Improper Input Validation
|
CVE-2017-18240
|
2024-11-21 12:19 |
2018-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253886
|
9.8 |
CRITICAL
Network
|
authentikat-jwt_project
|
authentikat-jwt
|
A time-sensitive equality check on the JWT signature in the JsonWebToken.validate method in main/scala/authentikat/jwt/JsonWebToken.scala in authentikat-jwt (aka com.jason-goodwin/authentikat-jwt) ve…
|
NVD-CWE-noinfo
|
CVE-2017-18239
|
2024-11-21 12:19 |
2018-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253887
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper controls in MSM CORE leads to use memory after it is freed in msm_core_ioctl().
|
CWE-416
Use After Free
|
CVE-2017-18066
|
2024-11-21 12:19 |
2018-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253888
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vent->vdev_id in wma_action_frame_filter_mac_event_handle…
|
CWE-20
Improper Input Validation
|
CVE-2017-18065
|
2024-11-21 12:19 |
2018-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253889
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, potential buffer overflow can happen when processing UTF event in wma_process_utf_event…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-18062
|
2024-11-21 12:19 |
2018-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253890
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, potential buffer overflow can happen when processing AOA measurement event from WIGIG f…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-18061
|
2024-11-21 12:19 |
2018-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
