CVE-2017-7473 weechat - crash in logger plugin weechat 1.9.1 CVE-2017-14181 ansible - information disclosure flaw ansible 2.2.3Īnsible versions 2.2.3 and earlier are vulnerable to an information disclosure flaw due to the interaction of call back plugins and the no_log directive where the information may not be sanitized properly. wav file, aka a NULL pointer dereference. An attacker can convince a user to load a journal file to trigger this vulnerability.Īacplusenc - denial of service aacplusenc 0.17.5_2ĭeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 allows remote attackers to cause a denial of service (invalid memory write, SEGV on unknown address 0x000000000030, and application crash) or possibly have unspecified other impact via a crafted. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can construct a malicious journal file to trigger this vulnerability.Īn exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted journal file can cause an integer underflow resulting in code execution. An exploitable buffer overflow vulnerability exists in the tag parsing functionality of Ledger-CLI 3.1.1.
0 kommentar(er)
