Security Vulnerabilities - CVEs Published In August 2017
CDirVector::GetTable in dirfunc.hxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted fpx image.
CVSS Score: 6.5; EPSS Score: 0.005; Published: 2017-08-28
Double free vulnerability in DfFromLB in docfile.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service via a crafted fpx image.
CVSS Score: 6.5; EPSS Score: 0.005; Published: 2017-08-28
The gig::Region::Region function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.
CVSS Score: 6.5; EPSS Score: 0.044; Published: 2017-08-28
The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted gig file.
CVSS Score: 6.5; EPSS Score: 0.031; Published: 2017-08-28
The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.
CVSS Score: 6.5; EPSS Score: 0.047; Published: 2017-08-28
The gig::Instrument::UpdateRegionKeyTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory write and application crash) via a crafted gig file.
CVSS Score: 6.5; EPSS Score: 0.031; Published: 2017-08-28
The gig::Region::GetSampleFromWavePool function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted gig file.
CVSS Score: 6.5; EPSS Score: 0.031; Published: 2017-08-28
NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument.
CVSS Score: 7.5; EPSS Score: 0.004; Published: 2017-08-28
While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.
CVSS Score: 5.3; EPSS Score: 0.347; Published: 2017-08-28
The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.
CVSS Score: 7.5; EPSS Score: 0.002; Published: 2017-08-28

