Total
458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-12687 | 1 Tinyexr Project | 1 Tinyexr | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. | |||||
| CVE-2017-12960 | 1 Gnu | 1 Pspp | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. | |||||
| CVE-2018-17096 | 1 Surina | 1 Soundtouch | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. | |||||
| CVE-2018-14045 | 1 Surina | 1 Soundtouch | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. | |||||
| CVE-2018-9303 | 1 Exiv2 | 1 Exiv2 | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an abort. | |||||
| CVE-2018-19963 | 1 Xen | 1 Xen | 2019-10-03 | 6.9 MEDIUM | 7.8 HIGH |
| An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for external emulators) was mishandled. | |||||
| CVE-2018-12504 | 1 Tinyexr Project | 1 Tinyexr | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h. | |||||
| CVE-2017-17722 | 1 Exiv2 | 1 Exiv2 | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file. | |||||
| CVE-2017-7479 | 1 Openvpn | 1 Openvpn | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker. | |||||
| CVE-2017-8372 | 1 Underbit | 1 Mad Libmad | 2019-10-03 | 2.6 LOW | 4.7 MEDIUM |
| The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted audio file. | |||||
| CVE-2017-5986 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.1 HIGH | 5.5 MEDIUM |
| Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state. | |||||
| CVE-2017-11524 | 1 Imagemagick | 1 Imagemagick | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file. | |||||
| CVE-2018-13304 | 1 Ffmpeg | 1 Ffmpeg | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studio_profile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to error_resilience.c, h263dec.c, and mpeg4videodec.c. | |||||
| CVE-2018-5736 | 2 Isc, Netapp | 3 Bind, Cloud Backup, Data Ontap Edge | 2019-10-03 | 3.5 LOW | 5.3 MEDIUM |
| An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1. | |||||
| CVE-2017-13132 | 1 Imagemagick | 1 Imagemagick | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompressed PseudoColor packets" step, which allows attackers to cause a denial of service (assertion failure in WriteBlobStream in MagickCore/blob.c) via a crafted file. | |||||
| CVE-2017-8915 | 1 Sap | 1 Hana Xs | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to cause a denial of service (assertion failure and service crash) by pushing a package with a filename containing a $ (dollar sign) or % (percent) character, aka SAP Security Note 2407694. | |||||
| CVE-2017-13726 | 1 Libtiff | 1 Libtiff | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. | |||||
| CVE-2017-7478 | 1 Openvpn | 1 Openvpn | 2017-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2. | |||||