The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
Max CVSS
7.4
EPSS Score
0.25%
Published
2017-12-11
Updated
2019-05-14
ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.
Max CVSS
6.5
EPSS Score
0.24%
Published
2017-12-27
Updated
2019-10-03
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.
Max CVSS
7.1
EPSS Score
0.45%
Published
2017-12-27
Updated
2020-09-08
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage.
Max CVSS
6.5
EPSS Score
0.09%
Published
2017-12-27
Updated
2019-10-03
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file.
Max CVSS
6.5
EPSS Score
0.09%
Published
2017-12-27
Updated
2019-10-03
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.
Max CVSS
6.5
EPSS Score
0.09%
Published
2017-12-27
Updated
2019-10-03
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.
Max CVSS
6.5
EPSS Score
0.09%
Published
2017-12-27
Updated
2019-10-03
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file.
Max CVSS
6.5
EPSS Score
0.09%
Published
2017-12-27
Updated
2019-10-03
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file.
Max CVSS
6.5
EPSS Score
0.09%
Published
2017-12-27
Updated
2019-10-03
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.
Max CVSS
8.8
EPSS Score
0.75%
Published
2017-12-27
Updated
2019-10-03
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors.
Max CVSS
5.5
EPSS Score
0.08%
Published
2017-12-21
Updated
2022-08-02
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated.
Max CVSS
5.5
EPSS Score
0.38%
Published
2017-12-21
Updated
2022-08-02
In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c.
Max CVSS
7.5
EPSS Score
0.13%
Published
2017-12-21
Updated
2019-10-03
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack.
Max CVSS
5.5
EPSS Score
0.08%
Published
2017-12-21
Updated
2022-08-02
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack.
Max CVSS
5.5
EPSS Score
0.16%
Published
2017-12-21
Updated
2019-03-26
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts.
Max CVSS
5.5
EPSS Score
0.38%
Published
2017-12-21
Updated
2019-03-26
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack.
Max CVSS
5.5
EPSS Score
0.16%
Published
2017-12-21
Updated
2019-03-26
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors.
Max CVSS
5.5
EPSS Score
0.16%
Published
2017-12-21
Updated
2019-03-26
In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function detoken() in asm/preproc.c that will cause a remote denial of service attack.
Max CVSS
5.5
EPSS Score
0.38%
Published
2017-12-21
Updated
2019-10-03
In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in paste_tokens in asm/preproc.c, a similar issue to CVE-2017-11111.
Max CVSS
5.5
EPSS Score
0.15%
Published
2017-12-21
Updated
2019-03-26
In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown address" that will cause a remote denial of service attack, because asm/preproc.c mishandles macro calls that have the wrong number of arguments.
Max CVSS
5.5
EPSS Score
0.48%
Published
2017-12-21
Updated
2019-03-26
The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-12-20
Updated
2023-01-19
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-12-20
Updated
2023-01-19
In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.
Max CVSS
7.8
EPSS Score
0.14%
Published
2017-12-20
Updated
2022-02-07
In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string.
Max CVSS
5.5
EPSS Score
0.16%
Published
2017-12-20
Updated
2022-02-07
44 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!