Page 106 of 530 results (0.008 seconds)

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1

CVE-2018-14522

https://notcve.org/view.php?id=CVE-2018-14522

An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes. Se ha descubierto un problema en aubio 0.4.6. Puede ocurrir una señal SEGV en aubio_pitch_set_unit en pitch/pitch.c, tal y como queda demostrado con aubionotes. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00071.html https://github.com/aubio/aubio/issues/188 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2018-10360 – file: out-of-bounds read via a crafted ELF file

https://notcve.org/view.php?id=CVE-2018-10360

The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. La función do_core_note en readelf.c en libmagic.a en file 5.33 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites y cierre inesperado de la aplicación) utilizando un archivo ELF manipulado. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22 https://security.gentoo.org/glsa/201806-08 https://usn.ubuntu.com/3686-1 https://usn.ubuntu.com/3686-2 https://access.redhat.com/security/cve/CVE-2018-10360 https://bugzilla.redhat.com/show_bug.cgi?id=1590000 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2018-10380

https://notcve.org/view.php?id=CVE-2018-10380

kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack. kwallet-pam en KDE KWallet en versiones anteriores a la 5.12.6 permite que los usuarios locales obtengan la propiedad de archivos arbitrarios mediante un ataque symlink. • https://bugzilla.suse.com/show_bug.cgi?id=1090863 https://commits.kde.org/kwallet-pam/01d4143fda5bddb6dca37b23304dc239a5fb38b5 https://commits.kde.org/kwallet-pam/2134dec85ce19d6378d03cddfae9e5e464cb24c0 https://commits.kde.org/kwallet-pam/802f305d81f8771c4f4a8bd7fd0e368ffc6f9b3b https://commits.kde.org/kwallet-pam/99abc7fde21f40cc6da5feb6ee766cc46fcca1f8 https://www.debian.org/security/2018/dsa-4200 https://www.kde.org/info/security/advisory-20180503-1.txt • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0

CVE-2016-9399

https://notcve.org/view.php?id=CVE-2016-9399

The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. La función calcstepsizes en jpc_dec.c en JasPer 1.900.22 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html http://www.openwall.com/lists/oss-security/2016/11/17/1 http://www.securityfocus.com/bid/94380 https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure https://bugzilla.redhat.com/show_bug.cgi?id=1396981 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M https:&# • CWE-617: Reachable Assertion •

CVSS: 7.5EPSS: 3%CPEs: 14EXPL: 0

CVE-2016-9398

https://notcve.org/view.php?id=CVE-2016-9398

The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. La función jpc_floorlog2 en jpc_math.c en JasPer en versiones anteriores a 1.900.17 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html http://www.openwall.com/lists/oss-security/2016/11/17/1 http://www.securityfocus.com/bid/94382 https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure https://bugzilla.redhat • CWE-617: Reachable Assertion •