|Max CVSS||7.5||Min CVSS||2.1||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service.
|29-10-2020 - 19:15||29-11-2018 - 08:29|
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be trigger
|24-08-2020 - 17:37||04-07-2018 - 14:29|
It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.
|14-07-2019 - 21:15||27-07-2018 - 19:29|
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
|02-05-2019 - 14:40||11-06-2018 - 10:29|
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitab
|25-04-2019 - 14:16||25-07-2018 - 23:29|
An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnera
|15-11-2018 - 16:11||23-09-2018 - 21:29|
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2)
|13-08-2018 - 21:47||13-01-2011 - 19:00|
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers t
|16-06-2018 - 01:29||30-03-2015 - 10:59|
The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (appli
|28-11-2016 - 19:11||09-07-2014 - 11:07|
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
|06-10-2011 - 02:50||27-07-2011 - 02:55|