CVE-2017-9471
In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
Read MoreIn ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
Read MoreIn Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer. Thus, remote IRC servers can cause a crash.
Read MoreIn Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause a crash.
Read MoreIn Mercurial before 4.1.3, “hg serve –stdio” allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using –debugger as a repository name.
Read Moresmbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerablity (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.
Read More