CVE-2017-14859
- EPSS 1.07%
- Veröffentlicht 29.09.2017 01:34:49
- Zuletzt bearbeitet 13.05.2026 00:24:29
An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
CVE-2017-14862
- EPSS 1.07%
- Veröffentlicht 29.09.2017 01:34:49
- Zuletzt bearbeitet 13.05.2026 00:24:29
An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
CVE-2017-14864
- EPSS 1.07%
- Veröffentlicht 29.09.2017 01:34:49
- Zuletzt bearbeitet 13.05.2026 00:24:29
An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
CVE-2017-14737
- EPSS 0.32%
- Veröffentlicht 26.09.2017 01:29:03
- Zuletzt bearbeitet 13.05.2026 00:24:29
A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array...
CVE-2017-14733
- EPSS 2.09%
- Veröffentlicht 25.09.2017 21:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVE-2015-6748
- EPSS 2.21%
- Veröffentlicht 25.09.2017 17:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3.
CVE-2017-12153
- EPSS 0.47%
- Veröffentlicht 21.09.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be i...
CVE-2017-14160
- EPSS 4.58%
- Veröffentlicht 21.09.2017 14:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file.
CVE-2017-14245
- EPSS 2.04%
- Veröffentlicht 21.09.2017 13:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
CVE-2017-14246
- EPSS 2.23%
- Veröffentlicht 21.09.2017 13:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.