Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-08-29 CVE-2017-10951 OS Command Injection vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878.
network
low complexity
foxitsoftware CWE-78
8.8
8.8
2017-08-29 CVE-2017-10950 Double Free vulnerability in Bitdefender Total Security 21.0.24.62
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Bitdefender Total Security 21.0.24.62.
local
high complexity
bitdefender CWE-415
7.0
7.0
2017-08-29 CVE-2017-13752 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
7.5
2017-08-29 CVE-2017-13751 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
7.5
2017-08-29 CVE-2017-13750 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
7.5
2017-08-29 CVE-2017-13749 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
7.5
2017-08-29 CVE-2017-13748 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject debian CWE-772
7.5
7.5
2017-08-29 CVE-2017-13747 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
7.5
2017-08-29 CVE-2017-13746 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
7.5
2017-08-29 CVE-2017-13745 Reachable Assertion vulnerability in Jasper Project Jasper 2.0.12
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154.
network
low complexity
jasper-project CWE-617
7.5
7.5