查看最新发布的CVE列表 (113493)

CVE-2017-1693(发布:2018-01-19 09:29:00)NMPS
CVSSN/A

[原文]IBM Integration Bus 9.0 and 10.0 could allow an attacker that has captured a valid session id to highack another users session during a small timeframe before the session times out. IBM X-Force ID: 134164.

CVE-2018-1362(发布:2018-01-19 09:29:00)NM
CVSSN/A

[原文]IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 within Citizen Portal could allow an authenticated user to withdraw other user's submitted applications from the system and possibly obtain privileges. IBM X-Force ID: 137380.

CVE-2018-5783(发布:2018-01-19 00:00:00)M
CVSSN/A

[原文]In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.

CVE-2018-5784(发布:2018-01-19 00:00:00)M
CVSSN/A

[原文]In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries.

CVE-2018-5785(发布:2018-01-19 00:00:00)M
CVSSN/A

[原文]In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

CVE-2018-5786(发布:2018-01-19 00:00:00)M
CVSSN/A

[原文]In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.

首页上一页12345678下一页尾页 第2页 / 共18916页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站