Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-19 | CVE-2017-10661 | Use After Free vulnerability in multiple products Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing. | 7.0 |
| 2017-08-19 | CVE-2017-11323 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Estsoft Alzip Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted MS-DOS device file, as demonstrated by use of "AUX" as the initial substring of a filename. | 7.8 |
| 2017-08-18 | CVE-2017-12964 | Uncontrolled Recursion vulnerability in Libsass 3.4.5 There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval::operator() in eval.cpp. | 7.5 |
| 2017-08-18 | CVE-2017-12963 | Out-of-bounds Read vulnerability in Libsass 3.4.5 There is an illegal address access in Sass::Eval::operator() in eval.cpp of LibSass 3.4.5, leading to a remote denial of service attack. | 7.5 |
| 2017-08-18 | CVE-2017-12962 | Missing Release of Resource after Effective Lifetime vulnerability in Libsass 3.4.5 There are memory leaks in LibSass 3.4.5 triggered by deeply nested code, such as code with a long sequence of open parenthesis characters, leading to a remote denial of service attack. | 7.5 |
| 2017-08-18 | CVE-2017-12961 | Improper Input Validation vulnerability in GNU Pspp 0.11.0 There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. | 7.5 |
| 2017-08-18 | CVE-2017-12960 | Reachable Assertion vulnerability in GNU Pspp 0.11.0 There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. | 7.5 |
| 2017-08-18 | CVE-2017-12959 | Reachable Assertion vulnerability in GNU Pspp 0.11.0 There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack. | 7.5 |
| 2017-08-18 | CVE-2017-12958 | Out-of-bounds Read vulnerability in GNU Pspp 0.11.0 There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. | 7.5 |
| 2017-08-18 | CVE-2017-12955 | Out-of-bounds Write vulnerability in Exiv2 0.26 There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. | 8.8 |