Max CVSS 7.8 Min CVSS 1.9 Total Count20
IDCVSSSummaryLast (major) updatePublished
CVE-2016-10244 6.8
The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other i
07-04-2017 - 21:59 06-03-2017 - 01:59
CVE-2017-2636 7.2
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
31-03-2017 - 21:59 07-03-2017 - 17:59
CVE-2016-7800 5.0
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
23-03-2017 - 21:59 06-02-2017 - 12:59
CVE-2017-6335 4.3
The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.
14-03-2017 - 15:28 14-03-2017 - 10:59
CVE-2017-5669 4.6
The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for
13-03-2017 - 21:59 24-02-2017 - 10:59
CVE-2013-5653 4.3
The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.
08-03-2017 - 21:59 07-03-2017 - 10:59
CVE-2017-5356 5.0
Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket (]).
07-03-2017 - 21:59 03-03-2017 - 10:59
CVE-2017-5193 5.0
The nickcmp function in Irssi before 0.8.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a message without a nick.
07-03-2017 - 08:21 03-03-2017 - 10:59
CVE-2017-5196 5.0
Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via vectors involving strings that are not UTF8.
07-03-2017 - 08:03 03-03-2017 - 10:59
CVE-2017-5195 5.0
Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ANSI x8 color code.
07-03-2017 - 07:41 03-03-2017 - 10:59
CVE-2017-6410 4.3
kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to ob
06-03-2017 - 21:59 02-03-2017 - 01:59
CVE-2017-5194 5.0
Use-after-free vulnerability in Irssi before 0.8.21 allows remote attackers to cause a denial of service (crash) via an invalid nick message.
06-03-2017 - 21:59 03-03-2017 - 10:59
CVE-2017-6353 4.9
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded app
02-03-2017 - 21:59 01-03-2017 - 15:59
CVE-2017-6188 1.9
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user.
01-03-2017 - 21:59 22-02-2017 - 14:59
CVE-2016-6329 4.3
OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka
28-02-2017 - 10:03 31-01-2017 - 17:59
CVE-2016-6173 7.8
NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.
24-02-2017 - 16:14 09-02-2017 - 10:59
CVE-2016-6621 5.0
The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.
24-02-2017 - 14:28 31-01-2017 - 14:59
CVE-2016-8682 5.0
The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.
17-02-2017 - 09:30 15-02-2017 - 14:59
CVE-2016-7996 7.5
Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.
23-01-2017 - 18:49 18-01-2017 - 12:59
CVE-2016-6232 5.0
Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads.
28-11-2016 - 15:31 02-08-2016 - 12:59
Back to Top Mark selected
Back to Top