CVSS: 7.5EPSS: 1%CPEs: 15EXPL: 0CVE-2017-3302 – mysql: prepared statement handle use-after-free after disconnect
https://notcve.org/view.php?id=CVE-2017-3302
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3. Caída en libmysqlclient.so en Oracle MySQL en versiones anteriores 5.6.21 y 5.7.x en versiones anteriores 5.7.5 y MariaDB hasta la versión 5.5.54, 10.0.x hasta la versión 10.0.29, 10.1.x hasta la versión 10.1.21 y 10.2.x hasta la versión 10.2.3. A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. • http://www.debian.org/security/2017/dsa-3809 http://www.debian.org/security/2017/dsa-3834 http://www.openwall.com/lists/oss-security/2017/02/11/11 http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html http://www.securityfocus.com/bid/96162 http://www.securitytracker.com/id/1038287 https://access.redhat.com/errata/RHSA-2017:2192 https://access.redhat.com/errata/RHSA-2017:2787 https://access.redhat.com/errata/RHSA-2018:0279 https://access.redhat.c • CWE-416: Use After Free •
CVSS: 7.5EPSS: 3%CPEs: 15EXPL: 0CVE-2017-5848 – gstreamer-plugins-bad-free: Invalid memory read in gst_ps_demux_parse_psm
https://notcve.org/view.php?id=CVE-2017-5848
The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing. La función gst_ps_demux_parse_psm en gst/mpegdemux/gstmpegdemux.c en gst-plugins-bad en GStreamer permite a atacantes remotos provocar una denegación de servicio (lectura de memoria no válida y caída) a través de vectores que implican análisis PSM. • http://www.debian.org/security/2017/dsa-3818 http://www.openwall.com/lists/oss-security/2017/02/01/7 http://www.openwall.com/lists/oss-security/2017/02/02/9 http://www.securityfocus.com/bid/96001 https://access.redhat.com/errata/RHSA-2017:2060 https://bugzilla.gnome.org/show_bug.cgi?id=777957#c3 https://lists.debian.org/debian-lts-announce/2020/03/msg00038.html https://security.gentoo.org/glsa/201705-10 https://access.redhat.com/security/cve/CVE-2017-5848&# • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 2%CPEs: 13EXPL: 0CVE-2016-9578 – spice: Remote DoS via crafted message
https://notcve.org/view.php?id=CVE-2016-9578
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash. Se ha descubierto una vulnerabilidad en SPICE en versiones anteriores a la 0.13.90 en el manejo del protocolo del servidor. Un atacante capaz de conectarse al servidor de SPICE podría enviar mensajes manipulados que podría provocar el cierre inesperado del proceso. A vulnerability was discovered in SPICE in the server's protocol handling. • http://rhn.redhat.com/errata/RHSA-2017-0253.html http://rhn.redhat.com/errata/RHSA-2017-0549.html http://www.securityfocus.com/bid/96118 https://access.redhat.com/errata/RHSA-2017:0254 https://access.redhat.com/errata/RHSA-2017:0552 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9578 https://www.debian.org/security/2017/dsa-3790 https://access.redhat.com/security/cve/CVE-2016-9578 https://bugzilla.redhat.com/show_bug.cgi?id=1399566 • CWE-20: Improper Input Validation CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.8EPSS: 1%CPEs: 13EXPL: 0CVE-2016-9577 – spice: Buffer overflow in main_channel_alloc_msg_rcv_buf when reading large messages
https://notcve.org/view.php?id=CVE-2016-9577
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution. Se ha descubierto una vulnerabilidad en SPICE en versiones anteriores a la 0.13.90 en el manejo del protocolo del servidor. Un atacante autenticado podría enviar mensajes al servidor SPICE provocando un desbordamiento de memoria dinámica (heap) que provocaría un cierre inesperado o una posible ejecución de código. A vulnerability was discovered in SPICE in the server's protocol handling. • http://rhn.redhat.com/errata/RHSA-2017-0253.html http://rhn.redhat.com/errata/RHSA-2017-0549.html http://www.securityfocus.com/bid/96040 https://access.redhat.com/errata/RHSA-2017:0254 https://access.redhat.com/errata/RHSA-2017:0552 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9577 https://www.debian.org/security/2017/dsa-3790 https://access.redhat.com/security/cve/CVE-2016-9577 https://bugzilla.redhat.com/show_bug.cgi?id=1401603 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.1EPSS: 1%CPEs: 58EXPL: 0CVE-2016-10165 – lcms2: Out-of-bounds read in Type_MLU_Read()
https://notcve.org/view.php?id=CVE-2016-10165
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. La función Type_MLU_Read en cmstypes.c en Little CMS (también conocido como lcms2) permite a atacantes remotos obtener información sensible o provocar una denegación de servicio a través de una imagen con un perfil ICC manipulado, lo que desencadena una lectura de memoria dinámica fuera de límites. • http://lists.opensuse.org/opensuse-updates/2017-01/msg00174.html http://rhn.redhat.com/errata/RHSA-2016-2079.html http://rhn.redhat.com/errata/RHSA-2016-2658.html http://www.debian.org/security/2017/dsa-3774 http://www.openwall.com/lists/oss-security/2017/01/23/1 http://www.openwall.com/lists/oss-security/2017/01/25/14 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/95808 http://www.securitytracker.com/id& • CWE-125: Out-of-bounds Read •