|
254121
|
9.8 |
CRITICAL
Network
|
jerryscript
|
jerryscript
|
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function in lit/lit-char-helpers.c via a RegExp("[\x0"); payload.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18212
|
2024-11-21 12:19 |
2018-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254122
|
9.8 |
CRITICAL
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLK…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18211
|
2024-11-21 12:19 |
2018-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254123
|
9.8 |
CRITICAL
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18210
|
2024-11-21 12:19 |
2018-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254124
|
8.8 |
HIGH
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to Ge…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18209
|
2024-11-21 12:19 |
2018-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254125
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-18208
|
2024-11-21 12:19 |
2018-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254126
|
6.5 |
MEDIUM
Network
|
python
|
python
|
The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exceptio…
|
CWE-369
Divide By Zero
|
CVE-2017-18207
|
2024-11-21 12:19 |
2018-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254127
|
9.8 |
CRITICAL
Network
|
zsh
canonical
|
zsh
ubuntu_linux
|
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-18206
|
2024-11-21 12:19 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254128
|
8.1 |
HIGH
Network
|
zsh_project
|
zsh
|
In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18205
|
2024-11-21 12:19 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254129
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.
|
NVD-CWE-noinfo
|
CVE-2017-18204
|
2024-11-21 12:19 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254130
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during crea…
|
CWE-362
Race Condition
|
CVE-2017-18203
|
2024-11-21 12:19 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
