Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume vulnerability in the UDP support of the memcached server that can result in denial of service via network flood . This attack appear to be exploitable via network connectivity to port 11211 UDP. Fixed In Version:¶ memcached 1.5.6
CVE-2017-7233: Open redirect and possible XSS attack via user-supplied numeric redirect URLs CVE-2017-7234: Open redirect vulnerability in django.views.static.serve Fixed in: py-django 1.10.7, 1.9.13, and 1.8.18
CVE-2017-7233: Open redirect and possible XSS attack via user-supplied numeric redirect URLs CVE-2017-7234: Open redirect vulnerability in django.views.static.serve Fixed In: py-django 1.10.7, 1.9.13, and 1.8.18
An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it. Fixed In Version: chicken 4.13 Patch:
An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it. Fixed In Version:¶ chicken 4.13 Patch:¶
CVE-2017-5846: The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service via vectors related to the number of languages in a video file.
CVE-2017-5846: The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service via vectors related to the number of languages in a video file.
CVE-2015-9099: The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service via a crafted audio file with a negative sample rate.
CVE-2015-9099: The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service via a crafted audio file with a negative sample rate.
CVE-2015-9099: The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service via a crafted audio file with a negative sample rate.