|
249611
|
5.3 |
MEDIUM
Network
|
apple
|
cups
|
The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus noti…
|
CWE-20
Improper Input Validation
|
CVE-2017-18248
|
2024-11-21 12:19 |
2018-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249612
|
6.5 |
MEDIUM
Network
|
libav
|
libav
|
The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18247
|
2024-11-21 12:19 |
2018-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249613
|
6.5 |
MEDIUM
Network
|
libav
|
libav
|
The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted media file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18246
|
2024-11-21 12:19 |
2018-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249614
|
6.5 |
MEDIUM
Network
|
libav
|
libav
|
The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted audio file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18245
|
2024-11-21 12:19 |
2018-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249615
|
6.5 |
MEDIUM
Network
|
libav
|
libav
|
The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18244
|
2024-11-21 12:19 |
2018-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249616
|
6.5 |
MEDIUM
Network
|
libav
|
libav
|
The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault) via a crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-18243
|
2024-11-21 12:19 |
2018-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249617
|
6.5 |
MEDIUM
Network
|
libav
|
libav
|
The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18242
|
2024-11-21 12:19 |
2018-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249618
|
4.8 |
MEDIUM
Network
|
atlassian
|
fisheye
crucible
|
Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and 4.5.0 allow remote attackers with administrative privileges to inject arbitrary HTML or Java…
|
CWE-79
Cross-site Scripting
|
CVE-2017-18094
|
2024-11-21 12:19 |
2018-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249619
|
5.5 |
MEDIUM
Local
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18241
|
2024-11-21 12:19 |
2018-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249620
|
5.5 |
MEDIUM
Local
|
collectd
|
collectd
|
The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownership of PID file directory to the collectd account, which might allow local users to kill arbitrary processes by leveraging access …
|
CWE-20
Improper Input Validation
|
CVE-2017-18240
|
2024-11-21 12:19 |
2018-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
