|
258381
|
7.8 |
HIGH
Local
|
fontforge
|
fontforge
|
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11572
|
2024-11-21 12:08 |
2017-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258382
|
7.8 |
HIGH
Local
|
fontforge
|
fontforge
|
FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11571
|
2024-11-21 12:08 |
2017-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258383
|
7.8 |
HIGH
Local
|
fontforge
|
fontforge
|
FontForge 20161012 is vulnerable to a buffer over-read in umodenc (parsettf.c) resulting in DoS or code execution via a crafted otf file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11570
|
2024-11-21 12:08 |
2017-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258384
|
7.8 |
HIGH
Local
|
fontforge
|
fontforge
|
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via a crafted otf file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11569
|
2024-11-21 12:08 |
2017-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258385
|
7.8 |
HIGH
Local
|
fontforge
|
fontforge
|
FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines (psread.c) resulting in DoS or code execution via a crafted otf file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11568
|
2024-11-21 12:08 |
2017-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258386
|
7.5 |
HIGH
Network
|
debian
|
tor
|
debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorre…
|
NVD-CWE-noinfo
|
CVE-2017-11565
|
2024-11-21 12:08 |
2017-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258387
|
7.5 |
HIGH
Network
|
libsass
|
libsass
|
There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service.
|
CWE-674
Uncontrolled Recursion
|
CVE-2017-11556
|
2024-11-21 12:08 |
2017-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258388
|
7.5 |
HIGH
Network
|
libsass
|
libsass
|
There is an illegal address access in the Eval::operator function in eval.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service.
|
CWE-20
Improper Input Validation
|
CVE-2017-11555
|
2024-11-21 12:08 |
2017-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258389
|
7.5 |
HIGH
Network
|
libsass
|
libsass
|
There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc) in LibSass 3.4.5. A crafted input will lead to a remote denial of service.
|
CWE-674
Uncontrolled Recursion
|
CVE-2017-11554
|
2024-11-21 12:08 |
2017-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258390
|
7.5 |
HIGH
Network
|
exiv2
|
exiv2
|
There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26. A crafted input will lead to remote denial of service.
|
CWE-20
Improper Input Validation
|
CVE-2017-11553
|
2024-11-21 12:08 |
2017-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
