Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2017
CVE-2017-7401
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.
CVSS Score
7.5
EPSS Score
0.01
Published
2017-04-03
CVE-2017-7379
The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-04-03
CVE-2017-7380
The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-04-03
CVE-2017-7381
The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-04-03
CVE-2017-7382
The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-04-03
CVE-2017-7383
The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-04-03
CVE-2016-10209
The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-04-03
CVE-2016-10210
libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function.
CVSS Score
7.5
EPSS Score
0.006
Published
2017-04-03
CVE-2016-10211
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function.
CVSS Score
7.5
EPSS Score
0.008
Published
2017-04-03
CVE-2016-10217
The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file that is mishandled in the color management module.
CVSS Score
5.5
EPSS Score
0.008
Published
2017-04-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved