Page 28 of 256 results (0.006 seconds)

CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0

CVE-2016-9399

https://notcve.org/view.php?id=CVE-2016-9399

The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. La función calcstepsizes en jpc_dec.c en JasPer 1.900.22 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html http://www.openwall.com/lists/oss-security/2016/11/17/1 http://www.securityfocus.com/bid/94380 https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure https://bugzilla.redhat.com/show_bug.cgi?id=1396981 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M https:&# • CWE-617: Reachable Assertion •

CVSS: 7.5EPSS: 3%CPEs: 14EXPL: 0

CVE-2016-9398

https://notcve.org/view.php?id=CVE-2016-9398

The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. La función jpc_floorlog2 en jpc_math.c en JasPer en versiones anteriores a 1.900.17 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html http://www.openwall.com/lists/oss-security/2016/11/17/1 http://www.securityfocus.com/bid/94382 https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure https://bugzilla.redhat • CWE-617: Reachable Assertion •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-10048

https://notcve.org/view.php?id=CVE-2016-10048

Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors. Vulnerabilidad de desplazamiento de directorio en magick/module.c en ImageMagick 6.9.4-7 permite atacantes remotos cargar modulos arbitrarios a través de vectores no especificados. • http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html http://www.openwall.com/lists/oss-security/2016/12/26/9 http://www.securityfocus.com/bid/95186 https://bugzilla.redhat.com/show_bug.cgi?id=1410451 https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 40%CPEs: 3EXPL: 1

CVE-2017-6542 – PuTTY < 0.68 - 'ssh_agent_channel_data' Integer Overflow Heap Corruption

https://notcve.org/view.php?id=CVE-2017-6542

The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow. La función ssh_agent_channel_data en PuTTY en versiones anteriores a 0.68 permite a atacantes remotos tener un impacto no especificado a través de un valor de longitud grande en un mensaje de protocolo de agente y aprovechando la capacidad para conectarse al socket de Unix-domain que representa la conexión de agente reenviada, lo que desencadena un desbordamiento de búfer. PuTTY versions prior to 0.68 suffer from an ssh_agent_channel_data integer overflow heap corruption vulnerability. • https://www.exploit-db.com/exploits/42137 http://lists.opensuse.org/opensuse-updates/2017-03/msg00055.html http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html http://www.securityfocus.com/bid/97156 http://www.securitytracker.com/id/1038067 https://git.tartarus.org/?p=simon/putty.git%3Ba=commitdiff%3Bh=4ff22863d895cb7ebfced4cf923a012a614adaa8 https://security.gentoo.org/glsa/201703-03 https://security.gentoo.org/glsa/201706-09 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 2%CPEs: 15EXPL: 0

CVE-2014-9847

https://notcve.org/view.php?id=CVE-2014-9847

The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. El decodificador jng en ImageMagick 6.8.9.9 permite a atacantes remotos tener un impacto no especificado. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://www.openwall.com/lists/oss-security/2016/06/02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •