|
250741
|
6.5 |
MEDIUM
Network
|
libav
|
libav
|
The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted media file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18246
|
2024-11-21 12:19 |
2018-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250742
|
6.5 |
MEDIUM
Network
|
libav
|
libav
|
The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted audio file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18245
|
2024-11-21 12:19 |
2018-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250743
|
6.5 |
MEDIUM
Network
|
libav
|
libav
|
The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18244
|
2024-11-21 12:19 |
2018-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250744
|
6.5 |
MEDIUM
Network
|
libav
|
libav
|
The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault) via a crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-18243
|
2024-11-21 12:19 |
2018-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250745
|
6.5 |
MEDIUM
Network
|
libav
|
libav
|
The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18242
|
2024-11-21 12:19 |
2018-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250746
|
4.8 |
MEDIUM
Network
|
atlassian
|
fisheye
crucible
|
Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and 4.5.0 allow remote attackers with administrative privileges to inject arbitrary HTML or Java…
|
CWE-79
Cross-site Scripting
|
CVE-2017-18094
|
2024-11-21 12:19 |
2018-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250747
|
5.5 |
MEDIUM
Local
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18241
|
2024-11-21 12:19 |
2018-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250748
|
5.5 |
MEDIUM
Local
|
collectd
|
collectd
|
The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownership of PID file directory to the collectd account, which might allow local users to kill arbitrary processes by leveraging access …
|
CWE-20
Improper Input Validation
|
CVE-2017-18240
|
2024-11-21 12:19 |
2018-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250749
|
9.8 |
CRITICAL
Network
|
authentikat-jwt_project
|
authentikat-jwt
|
A time-sensitive equality check on the JWT signature in the JsonWebToken.validate method in main/scala/authentikat/jwt/JsonWebToken.scala in authentikat-jwt (aka com.jason-goodwin/authentikat-jwt) ve…
|
NVD-CWE-noinfo
|
CVE-2017-18239
|
2024-11-21 12:19 |
2018-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250750
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper controls in MSM CORE leads to use memory after it is freed in msm_core_ioctl().
|
CWE-416
Use After Free
|
CVE-2017-18066
|
2024-11-21 12:19 |
2018-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
