Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login security project login security vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-5979
The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.
Zziplib Project Zziplib 0.13.62
4.3
CVSSv2
CVE-2017-5980
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.
Zziplib Project Zziplib 0.13.62
4.3
CVSSv2
CVE-2017-5981
seeko.c in zziplib 0.13.62 allows remote malicious users to cause a denial of service (assertion failure and crash) via a crafted ZIP file.
Zziplib Project Zziplib 0.13.62
NA
CVE-2023-40661
Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and ...
Opensc Project Opensc
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
7.5
CVSSv2
CVE-2012-2814
Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.
Libexif Project Libexif 0.6.20
7.5
CVSSv2
CVE-2012-2841
Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote malicious users to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, lea...
Libexif Project Libexif 0.6.20
7.5
CVSSv2
CVE-2011-4599
Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) prior to 49.1 allows remote malicious users to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization.
Icu-project International Components For Unicode
5
CVSSv2
CVE-2019-15903
In libexpat prior to 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
Libexpat Project Libexpat
Python Python
6.8
CVSSv2
CVE-2017-6303
An issue exists in ytnef prior to 1.9.1. This is related to a patch described as "6 of 9. Invalid Write and Integer Overflow."
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2017-6801
An issue exists in ytnef prior to 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.
Ytnef Project Ytnef
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »