Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-07	CVE-2017-12603	Out-of-bounds Write vulnerability in multiple products OpenCV (Open Source Computer Vision Library) through 3.3 has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 2-opencv-heapoverflow-fseek test case. network opencv debian CWE-787	6.8
2017-08-07	CVE-2017-12601	Classic Buffer Overflow vulnerability in multiple products OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case. network opencv debian CWE-120	6.8
2017-08-07	CVE-2017-12599	Out-of-bounds Read vulnerability in multiple products OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an image file by using cv::imread. network opencv debian CWE-125	6.8
2017-08-07	CVE-2017-12598	Out-of-bounds Read vulnerability in multiple products OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case. network opencv debian CWE-125	6.8
2017-08-07	CVE-2017-12597	Out-of-bounds Write vulnerability in multiple products OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. network opencv debian CWE-787	6.8
2017-08-02	CVE-2017-10664	qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt. network low complexity qemu debian redhat	5.0
2017-07-31	CVE-2017-11359	Divide By Zero vulnerability in multiple products The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted snd file, during conversion to a wav file. network sound-exchange-project debian CWE-369	4.3
2017-07-31	CVE-2017-11358	Out-of-bounds Read vulnerability in multiple products The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file. local low complexity sound-exchange-project debian CWE-125	5.5
2017-07-31	CVE-2017-11332	Divide By Zero vulnerability in multiple products The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file. network sound-exchange-project debian CWE-369	4.3
2017-07-29	CVE-2017-11733	NULL Pointer Dereference vulnerability in multiple products A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. network libming debian CWE-476	4.3