Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2017-13733
Publication date:
29/08/2017
There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.
Severity CVSS v4.0: Pending analysis
Last modification:
13/05/2026

CVE-2017-13736
Publication date:
29/08/2017
There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.
Severity CVSS v4.0: Pending analysis
Last modification:
13/05/2026

CVE-2017-13737
Publication date:
29/08/2017
There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.
Severity CVSS v4.0: Pending analysis
Last modification:
13/05/2026

CVE-2017-13745
Publication date:
29/08/2017
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154.
Severity CVSS v4.0: Pending analysis
Last modification:
13/05/2026

CVE-2017-13746
Publication date:
29/08/2017
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack.
Severity CVSS v4.0: Pending analysis
Last modification:
13/05/2026

CVE-2017-13747
Publication date:
29/08/2017
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
Severity CVSS v4.0: Pending analysis
Last modification:
13/05/2026

CVE-2017-13748
Publication date:
29/08/2017
There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack.
Severity CVSS v4.0: Pending analysis
Last modification:
13/05/2026

CVE-2017-13739
Publication date:
29/08/2017
There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It will lead to denial of service or remote code execution.
Severity CVSS v4.0: Pending analysis
Last modification:
13/05/2026

CVE-2017-13685
Publication date:
29/08/2017
The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file.
Severity CVSS v4.0: Pending analysis
Last modification:
13/05/2026

CVE-2017-13735
Publication date:
29/08/2017
There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack.
Severity CVSS v4.0: Pending analysis
Last modification:
13/05/2026

CVE-2017-13734
Publication date:
29/08/2017
There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remote denial of service attack.
Severity CVSS v4.0: Pending analysis
Last modification:
13/05/2026

CVE-2017-13738
Publication date:
29/08/2017
There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0.
Severity CVSS v4.0: Pending analysis
Last modification:
13/05/2026
Subscribe to Vulnerabilities