Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2016-8568 |
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-5241 |
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-2318 |
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-2317 |
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-7976 |
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename. Published: January 30, 2017; 4:59:00 PM -0500 |
V3.0: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2016-9453 |
The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one. Published: January 27, 2017; 12:59:00 PM -0500 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2016-9448 |
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297. Published: January 27, 2017; 12:59:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-5323 |
The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image. Published: January 20, 2017; 10:59:00 AM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-5317 |
Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file. Published: January 20, 2017; 10:59:00 AM -0500 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-5316 |
Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool. Published: January 20, 2017; 10:59:00 AM -0500 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-7787 |
A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user. Published: December 23, 2016; 5:59:00 PM -0500 |
V3.0: 4.9 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2016-9427 |
Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation. Published: December 11, 2016; 9:59:16 PM -0500 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2016-6323 |
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation. Published: October 07, 2016; 10:59:06 AM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-6905 |
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image. Published: October 03, 2016; 5:59:05 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-4118 |
FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. Published: October 03, 2016; 5:59:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-6352 |
The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file. Published: October 03, 2016; 2:59:08 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-3623 |
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0. Published: October 03, 2016; 12:09:05 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-6172 |
PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response. Published: September 26, 2016; 12:59:04 PM -0400 |
V3.0: 6.8 MEDIUM V2.0: 7.1 HIGH |
CVE-2016-4303 |
The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow. Published: September 26, 2016; 10:59:01 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2016-6265 |
Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file. Published: September 22, 2016; 11:59:01 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |