Bug#908176: [scr564750] jhead 1:3.00-7 ProcessGpsInfo CVE

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 > [Suggested description] > The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may > allow a remote attacker to cause a denial-of-service attack or > unspecified other impact via a malicious JPEG file, because of > inconsistency between

Bug#861738: [scr329614] podofo - 0.9.5

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 > [Suggested description] > The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in > base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote > attackers to cause a denial of service (heap-based buffer over-read) > or poss

Bug#857699: [scr306054] idTech3 (Quake 3 engine) forks - all prior to 2017-03-14

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 > [Suggested description] > In ioquake3 before 2017-03-14, the auto-downloading feature > has insufficient content restrictions. > This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and > other id Tech 3 (aka Quake 3 engine) forks. > A mal

Bug#857699: CVE Request 306054 for CVE ID Request

Thank you for your submission. It will be reviewed by a CVE Assignment Team member. Changes, additions, or updates to your request can be sent to the CVE Team by replying directly to this email. Please do not change the subject line, which allows us to effectively track your request. CVE Ass