Skip to main content

Swi Prolog

3 CVEs product

Monthly

CVE-2017-17524 HIGH This Week

library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Swi Prolog
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2012-6090 HIGH PATCH This Week

Multiple stack-based buffer overflows in the expand function in os/pl-glob.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Denial Of Service RCE Swi Prolog
NVD
CVSS 2.0
7.5
EPSS
2.1%
CVE-2012-6089 HIGH PATCH This Week

Multiple stack-based buffer overflows in the canoniseFileName function in os/pl-os.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Denial Of Service RCE Swi Prolog
NVD
CVSS 2.0
7.5
EPSS
2.5%
EPSS 1% CVSS 8.8
HIGH This Week

library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Swi Prolog
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Multiple stack-based buffer overflows in the expand function in os/pl-glob.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Denial Of Service RCE +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Multiple stack-based buffer overflows in the canoniseFileName function in os/pl-os.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Denial Of Service RCE +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy