Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2016-6500 |
Unspecified methods in the RACF Connector component before 1.1.1.0 in ForgeRock OpenIDM and OpenICF improperly call the SearchControls constructor with returnObjFlag set to true, which allows remote attackers to execute arbitrary code via a crafted serialized Java object, aka LDAP entry poisoning. Published: February 03, 2017; 2:59:00 PM -0500 |
V3.0: 8.1 HIGH V2.0: 6.8 MEDIUM |
CVE-2016-10165 |
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. Published: February 03, 2017; 2:59:00 PM -0500 |
V3.1: 7.1 HIGH V2.0: 5.8 MEDIUM |
CVE-2015-4049 |
Unisys Libra 43xx, 63xx, and 83xx, and FS600 class systems with MCP-FIRMWARE 40.0 before 40.0IC4 Build 270 might allow remote authenticated users to cause a denial of service (data corruption or system crash) via vectors related to using program operators during EPSILON (level 5) based codefiles at peak memory usage, which triggers CPM stack corruption. Published: February 03, 2017; 2:59:00 PM -0500 |
V3.0: 6.8 MEDIUM V2.0: 5.6 MEDIUM |
CVE-2016-6188 |
Memory leak in SOGo 2.3.7 allows remote attackers to cause a denial of service (memory consumption) via a large number of attempts to upload a large attachment, related to temporary files. Published: February 03, 2017; 11:59:00 AM -0500 |
V3.1: 6.5 MEDIUM V2.0: 6.8 MEDIUM |
CVE-2016-4797 |
Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for CVE-2014-7947. Published: February 03, 2017; 11:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-4796 |
Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file. Published: February 03, 2017; 11:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-3183 |
The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file. Published: February 03, 2017; 11:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-9642 |
JavaScriptCore in WebKit allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-9108 |
Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-9085 |
Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.1: 3.3 LOW V2.0: 2.1 LOW |
CVE-2016-9082 |
Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-8569 |
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-8568 |
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-6163 |
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-5241 |
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-5115 |
The avcodec_decode_audio4 function in libavcodec in libavformat 57.34.103, as used in MPlayer, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-4571 |
The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.1: 5.5 MEDIUM V2.0: 7.1 HIGH |
CVE-2016-4570 |
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.1: 5.5 MEDIUM V2.0: 7.1 HIGH |
CVE-2016-4352 |
Integer overflow in the demuxer function in libmpdemux/demux_gif.c in Mplayer allows remote attackers to cause a denial of service (crash) via large dimensions in a gif file. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-2318 |
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c. Published: February 03, 2017; 10:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |