|
249471
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted file.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-5852
|
2024-11-21 12:28 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249472
|
5.5 |
MEDIUM
Local
|
mp3splt_project
|
mp3splt
|
The free_options function in options_manager.c in mp3splt 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. NOTE: this typically has…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-5851
|
2024-11-21 12:28 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249473
|
5.5 |
MEDIUM
Local
|
mp3splt_project
|
mp3splt
|
The free_options function in options_manager.c in mp3splt 2.6.2 allows remote attackers to cause a denial of service (invalid free and crash) via a crafted file.
|
CWE-416
Use After Free
|
CVE-2017-5666
|
2024-11-21 12:28 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249474
|
5.5 |
MEDIUM
Local
|
libmp3splt_project
|
libmp3splt
|
The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-5665
|
2024-11-21 12:28 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249475
|
7.3 |
HIGH
Local
|
intel
|
system_studio
parallel_studio_xe
data_analytics_acceleration_library
integrated_performance_primitives
vtune_amplifier
math_kernel_library
trace_analyzer_and_collector
advisor
Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, …
|
NVD-CWE-noinfo
|
CVE-2017-5682
|
2024-11-21 12:28 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
249476
|
7.5 |
HIGH
Network
|
kodi
|
kodi
|
Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e (encoded dot dot slash) in the image path, as demonstrated by …
|
CWE-22
Path Traversal
|
CVE-2017-5982
|
2024-11-21 12:28 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249477
|
9.8 |
CRITICAL
Network
|
fedoraproject
gnome
|
fedora
gtk-vnc
|
Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly e…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-5885
|
2024-11-21 12:28 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249478
|
7.8 |
HIGH
Local
|
fedoraproject
gnome
|
fedora
gtk-vnc
|
gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) …
|
CWE-118
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5884
|
2024-11-21 12:28 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249479
|
9.8 |
CRITICAL
Network
|
rubyzip_project
debian
|
rubyzip
debian_linux
|
The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "…
|
CWE-22
Path Traversal
|
CVE-2017-5946
|
2024-11-21 12:28 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249480
|
3.7 |
LOW
Network
|
w3
|
high_resolution_time_api
|
The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now "Time to Tick" approach even with the http…
|
NVD-CWE-noinfo
|
CVE-2017-5928
|
2024-11-21 12:28 |
2017-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
