CVE-2017-9287
- EPSS 7.14%
- Veröffentlicht 29.05.2017 16:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.
CVE-2015-5211
- EPSS 2.57%
- Veröffentlicht 25.05.2017 17:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch scrip...
CVE-2017-9216
- EPSS 3.45%
- Veröffentlicht 24.05.2017 05:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid f...
CVE-2017-8312
- EPSS 1.36%
- Veröffentlicht 23.05.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file.
CVE-2017-8314
- EPSS 2.47%
- Veröffentlicht 23.05.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles.
CVE-2017-9214
- EPSS 2.89%
- Veröffentlicht 23.05.2017 17:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.
CVE-2017-8309
- EPSS 4.54%
- Veröffentlicht 23.05.2017 04:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.
CVE-2017-8379
- EPSS 0.41%
- Veröffentlicht 23.05.2017 04:29:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.
CVE-2016-5177
- EPSS 1.25%
- Veröffentlicht 23.05.2017 04:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors.
CVE-2016-5178
- EPSS 1.84%
- Veröffentlicht 23.05.2017 04:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors.