CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 1CVE-2018-11212 – libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c
https://notcve.org/view.php?id=CVE-2018-11212
16 May 2018 — An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file. Se ha descubierto un problema en libjpeg 9a y 9d. La función alloc_sarray en jmemmgr.c permite que los atacantes remotos provoquen una denegación de servicio (error de división entre cero) mediante un archivo manipulado. A divide by zero vulnerability has been discovered in libjpeg-turbo in alloc_sarray function of jmemmgr.c file... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html • CWE-369: Divide By Zero •
CVSS: 7.1EPSS: 3%CPEs: 101EXPL: 1CVE-2013-4002 – OpenJDK: XML parsing Denial of Service (JAXP, 8017298)
https://notcve.org/view.php?id=CVE-2013-4002
23 Jul 2013 — XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute... • https://github.com/tafamace/CVE-2013-4002 • CWE-20: Improper Input Validation •