Total
1461 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-8568 | 4 Fedoraproject, Libgit2 Project, Opensuse and 1 more | 5 Fedora, Libgit2, Leap and 2 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. | |||||
CVE-2016-5177 | 5 Debian, Fedoraproject, Google and 2 more | 7 Debian Linux, Fedora, Chrome and 4 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2014-9847 | 4 Canonical, Imagemagick, Opensuse and 1 more | 10 Ubuntu Linux, Imagemagick, Opensuse and 7 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. | |||||
CVE-2016-9841 | 9 Apple, Canonical, Debian and 6 more | 39 Iphone Os, Mac Os X, Tvos and 36 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | |||||
CVE-2014-9114 | 3 Fedoraproject, Kernel, Opensuse | 3 Fedora, Util-linux, Opensuse | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. | |||||
CVE-2016-7800 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow. | |||||
CVE-2014-9850 | 4 Canonical, Imagemagick, Opensuse and 1 more | 8 Ubuntu Linux, Imagemagick, Opensuse and 5 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption). | |||||
CVE-2016-2317 | 4 Debian, Graphicsmagick, Opensuse and 1 more | 7 Debian Linux, Graphicsmagick, Leap and 4 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c. | |||||
CVE-2016-9830 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image. | |||||
CVE-2016-5323 | 2 Libtiff, Opensuse | 2 Libtiff, Opensuse | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image. | |||||
CVE-2016-7969 | 3 Fedoraproject, Libass Project, Opensuse | 4 Fedora, Libass, Leap and 1 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization." | |||||
CVE-2016-4068 | 2 Opensuse, Roundcube | 4 Leap, Opensuse, Roundcube Webmail and 1 more | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864. | |||||
CVE-2016-8682 | 3 Debian, Graphicsmagick, Opensuse | 3 Debian Linux, Graphicsmagick, Opensuse | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header. | |||||
CVE-2016-9843 | 10 Apple, Canonical, Debian and 7 more | 24 Iphone Os, Mac Os X, Tvos and 21 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | |||||
CVE-2016-7787 | 2 Kde, Opensuse | 3 Kde-cli-tools, Leap, Opensuse | 2024-02-28 | 4.0 MEDIUM | 4.9 MEDIUM |
A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user. | |||||
CVE-2016-9448 | 2 Libtiff, Opensuse | 2 Libtiff, Opensuse | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297. | |||||
CVE-2014-9843 | 4 Canonical, Imagemagick, Opensuse and 1 more | 8 Ubuntu Linux, Imagemagick, Opensuse and 5 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors. | |||||
CVE-2014-9854 | 4 Canonical, Imagemagick, Opensuse and 1 more | 7 Ubuntu Linux, Imagemagick, Leap and 4 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image." | |||||
CVE-2016-8569 | 4 Fedoraproject, Libgit2 Project, Opensuse and 1 more | 5 Fedora, Libgit2, Leap and 2 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file. | |||||
CVE-2014-9852 | 3 Imagemagick, Opensuse, Suse | 7 Imagemagick, Leap, Opensuse and 4 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors. |