Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-15 | CVE-2017-6846 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.4 The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace function in graphicsstack.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 5.5 |
| 2017-03-15 | CVE-2017-6845 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.4 The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 5.5 |
| 2017-03-15 | CVE-2017-6842 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 5.5 |
| 2017-03-15 | CVE-2017-6841 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 5.5 |
| 2017-03-15 | CVE-2017-6840 | Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5 The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file. | 5.5 |
| 2017-03-15 | CVE-2017-6505 | Infinite Loop vulnerability in Qemu The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330. | 6.5 |
| 2017-03-15 | CVE-2017-6440 | Integer Overflow or Wraparound vulnerability in Libplist Project Libplist 1.12 The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file. | 5.0 |
| 2017-03-15 | CVE-2017-6439 | Out-of-bounds Write vulnerability in Libplist Project Libplist 1.12 Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file. | 5.0 |
| 2017-03-15 | CVE-2017-6437 | Out-of-bounds Read vulnerability in Libplist Project Libplist 1.12 The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file. | 5.0 |
| 2017-03-15 | CVE-2017-6436 | Improper Input Validation vulnerability in Libplist Project Libplist 1.12 The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file. | 5.0 |