|
256231
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
In libavformat/nsvdec.c in FFmpeg 2.4 and 3.3.3, a DoS in nsv_parse_NSVf_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted NSV file, which claims a l…
|
CWE-834
Excessive Iteration
|
CVE-2017-14171
|
2024-11-21 12:12 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256232
|
8.8 |
HIGH
Network
|
ffmpeg
debian
|
ffmpeg
debian_linux
|
In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, an integer signedness error might occur when a crafted file, which claims a large "item_num" field such as 0xfffff…
|
CWE-20
Improper Input Validation
|
CVE-2017-14169
|
2024-11-21 12:12 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256233
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
In libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, a DoS in mxf_read_index_entry_array() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted MXF file, which claims…
|
CWE-834
Excessive Iteration
|
CVE-2017-14170
|
2024-11-21 12:12 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256234
|
6.5 |
MEDIUM
Network
|
libarchive
debian
canonical
|
libarchive
debian_linux
ubuntu_linux
|
libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strin…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14166
|
2024-11-21 12:12 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256235
|
6.5 |
MEDIUM
Network
|
graphicsmagick
|
graphicsmagick
|
The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote den…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14165
|
2024-11-21 12:12 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256236
|
8.8 |
HIGH
Network
|
uclouvain
|
openjpeg
|
A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-b…
|
CWE-119
CWE-787
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Write
|
CVE-2017-14164
|
2024-11-21 12:12 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256237
|
4.7 |
MEDIUM
Local
|
openldap
oracle
|
openldap
blockchain_platform
|
slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-roo…
|
CWE-665
Improper Initialization
|
CVE-2017-14159
|
2024-11-21 12:12 |
2017-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256238
|
7.5 |
HIGH
Network
|
scrapy
|
scrapy
|
Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-14158
|
2024-11-21 12:12 |
2017-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256239
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive informa…
|
CWE-200
Information Exposure
|
CVE-2017-14156
|
2024-11-21 12:12 |
2017-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256240
|
8.8 |
HIGH
Network
|
uclouvain
debian
|
openjpeg
debian_linux
|
A mishandled zero case was discovered in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of serv…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-14152
|
2024-11-21 12:12 |
2017-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
