|
255611
|
9.8 |
CRITICAL
Network
|
videolan
|
vlc_media_player
|
avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy() with a wrong size, leading to a denial of service (applic…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-10699
|
2024-11-21 12:06 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255612
|
5.5 |
MEDIUM
Local
|
antiy
|
antivirus_engine
|
Antiy Antivirus Engine 5.0.0.06281654 allows local users to cause a denial of service (BSOD) via a long third argument in a DeviceIoControl call.
|
CWE-20
Improper Input Validation
|
CVE-2017-10674
|
2024-11-21 12:06 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255613
|
9.8 |
CRITICAL
Network
|
xoev
|
osci_transport_library
|
An XML External Entity (XXE) issue exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET), exploitable by sending a crafted standard-conform…
|
CWE-611
XXE
|
CVE-2017-10670
|
2024-11-21 12:06 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255614
|
6.5 |
MEDIUM
Network
|
xoev
|
osci_transport_library
|
Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). An attacker with access to unencrypted OSCI protocol messages mus…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2017-10669
|
2024-11-21 12:06 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255615
|
5.9 |
MEDIUM
Network
|
xoev
|
osci_transport_library
|
A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). Under an MITM condition within the OSCI infrastructure, an attacker…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2017-10668
|
2024-11-21 12:06 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255616
|
7.5 |
HIGH
Network
|
libtiff
|
libtiff
|
In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. A crafted input will lead to a remote denial of service attack.
|
CWE-20
Improper Input Validation
|
CVE-2017-10688
|
2024-11-21 12:06 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255617
|
7.5 |
HIGH
Network
|
libsass
|
libsass
|
In LibSass 3.4.5, there is a heap-based buffer over-read in the function json_mkstream() in sass_context.cpp. A crafted input will lead to a remote denial of service attack.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-10687
|
2024-11-21 12:06 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255618
|
9.8 |
CRITICAL
Network
|
gnu
|
ncurses
|
In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2017-10685
|
2024-11-21 12:06 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255619
|
7.8 |
HIGH
Local
|
nasm
canonical
|
netwide_assembler
ubuntu_linux
|
In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function…
|
CWE-416
Use After Free
|
CVE-2017-10686
|
2024-11-21 12:06 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255620
|
9.8 |
CRITICAL
Network
|
gnu
|
ncurses
|
In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-10684
|
2024-11-21 12:06 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
