Total
1465 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-9842 | 4 Canonical, Imagemagick, Opensuse and 1 more | 9 Ubuntu Linux, Imagemagick, Opensuse and 6 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | |||||
CVE-2014-9846 | 5 Canonical, Imagemagick, Opensuse and 2 more | 11 Ubuntu Linux, Imagemagick, Leap and 8 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. | |||||
CVE-2016-9957 | 4 Game-music-emu Project, Opensuse, Opensuse Project and 1 more | 9 Game-music-emu, Leap, Opensuse and 6 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
Stack-based buffer overflow in game-music-emu before 0.6.1. | |||||
CVE-2016-7447 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors. | |||||
CVE-2016-2347 | 3 Debian, Lhasa Project, Opensuse | 4 Debian Linux, Lhasa, Leap and 1 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive. | |||||
CVE-2016-5321 | 2 Libtiff, Opensuse | 2 Libtiff, Opensuse | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image. | |||||
CVE-2016-9840 | 8 Apple, Canonical, Debian and 5 more | 19 Iphone Os, Mac Os X, Tvos and 16 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | |||||
CVE-2015-8567 | 6 Canonical, Debian, Fedoraproject and 3 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-02-28 | 6.8 MEDIUM | 7.7 HIGH |
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). | |||||
CVE-2016-8866 | 2 Imagemagick, Opensuse | 3 Imagemagick, Leap, Opensuse | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862. | |||||
CVE-2016-8683 | 3 Debian, Graphicsmagick, Opensuse | 3 Debian Linux, Graphicsmagick, Opensuse | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file." | |||||
CVE-2015-8864 | 2 Opensuse, Roundcube | 4 Leap, Opensuse, Roundcube Webmail and 1 more | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068. | |||||
CVE-2016-7448 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size. | |||||
CVE-2016-8568 | 4 Fedoraproject, Libgit2 Project, Opensuse and 1 more | 5 Fedora, Libgit2, Leap and 2 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. | |||||
CVE-2016-5177 | 5 Debian, Fedoraproject, Google and 2 more | 7 Debian Linux, Fedora, Chrome and 4 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2014-9847 | 4 Canonical, Imagemagick, Opensuse and 1 more | 10 Ubuntu Linux, Imagemagick, Opensuse and 7 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. | |||||
CVE-2016-9841 | 9 Apple, Canonical, Debian and 6 more | 39 Iphone Os, Mac Os X, Tvos and 36 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | |||||
CVE-2014-9114 | 3 Fedoraproject, Kernel, Opensuse | 3 Fedora, Util-linux, Opensuse | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. | |||||
CVE-2016-7800 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow. | |||||
CVE-2014-9850 | 4 Canonical, Imagemagick, Opensuse and 1 more | 8 Ubuntu Linux, Imagemagick, Opensuse and 5 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption). | |||||
CVE-2016-2317 | 4 Debian, Graphicsmagick, Opensuse and 1 more | 7 Debian Linux, Graphicsmagick, Leap and 4 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c. |