Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-08-29 CVE-2017-13749 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
2017-08-29 CVE-2017-13748 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject debian CWE-772
7.5
2017-08-29 CVE-2017-13747 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
2017-08-29 CVE-2017-13746 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
2017-08-29 CVE-2017-13745 Reachable Assertion vulnerability in Jasper Project Jasper 2.0.12
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154.
network
low complexity
jasper-project CWE-617
7.5
2017-08-29 CVE-2017-13740 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Liblouis 3.2.0
There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly unspecified other impact.
network
low complexity
liblouis CWE-119
8.8
2017-08-29 CVE-2017-13739 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Liblouis 3.2.0
There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c.
network
low complexity
liblouis CWE-119
8.8
2017-08-29 CVE-2017-13738 Out-of-bounds Read vulnerability in Liblouis 3.2.0
There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0.
network
low complexity
liblouis CWE-125
8.8
2017-08-29 CVE-2017-13735 Improper Input Validation vulnerability in Libraw 0.18.2
There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2.
network
low complexity
libraw CWE-20
7.5
2017-08-29 CVE-2017-13728 Infinite Loop vulnerability in GNU Ncurses 6.0
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic.
network
low complexity
gnu CWE-835
7.5