Skip to main content

Ed

2 CVEs product

Monthly

CVE-2017-5357 HIGH PATCH This Week

regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Fedora Ed
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2015-2987 LOW PATCH Monitor

Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.

Information Disclosure Ed
NVD
CVSS 2.0
2.6
EPSS
0.2%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free +2
NVD
EPSS 0% CVSS 2.6
LOW PATCH Monitor

Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.

Information Disclosure Ed
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy