Max CVSS 10.0 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-4448 10.0
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
25-09-2019 - 15:29 09-06-2016 - 16:59
CVE-2015-7988 7.5
The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.
19-06-2019 - 16:46 26-06-2016 - 01:59
CVE-2015-7987 6.8
Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3Resour
19-06-2019 - 16:27 26-06-2016 - 01:59
CVE-2016-3092 7.8
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (
23-04-2019 - 19:29 04-07-2016 - 22:59
CVE-2013-2561 6.3
OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey, (8) ibdiag
22-04-2019 - 17:48 23-11-2013 - 18:55
CVE-2016-3714 10.0
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "I
15-04-2019 - 13:29 05-05-2016 - 18:59
CVE-2016-4447 5.0
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
26-03-2019 - 17:12 09-06-2016 - 16:59
CVE-2016-1840 6.8
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause
25-03-2019 - 17:27 20-05-2016 - 10:59
CVE-2016-1839 4.3
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a craft
25-03-2019 - 17:27 20-05-2016 - 10:59
CVE-2016-1838 4.3
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-
25-03-2019 - 17:26 20-05-2016 - 10:59
CVE-2016-1837 4.3
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remot
25-03-2019 - 17:26 20-05-2016 - 10:59
CVE-2016-1836 4.3
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via
25-03-2019 - 17:25 20-05-2016 - 10:59
CVE-2016-1833 4.3
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafte
25-03-2019 - 17:22 20-05-2016 - 10:59
CVE-2016-5699 4.3
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.
09-02-2019 - 11:29 02-09-2016 - 14:59
CVE-2016-5636 10.0
Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based bu
09-02-2019 - 11:29 02-09-2016 - 14:59
CVE-2016-5300 7.8
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists beca
23-01-2019 - 12:59 16-06-2016 - 18:59
CVE-2016-0718 7.5
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
16-11-2018 - 16:44 26-05-2016 - 16:59
CVE-2016-5118 10.0
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
30-10-2018 - 16:27 10-06-2016 - 15:59
CVE-2016-3705 5.0
The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and applic
30-10-2018 - 16:27 17-05-2016 - 14:08
CVE-2016-3627 5.0
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML doc
30-10-2018 - 16:27 17-05-2016 - 14:08
CVE-2016-3718 4.3
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
09-10-2018 - 20:00 05-05-2016 - 18:59
CVE-2016-3717 7.1
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
09-10-2018 - 20:00 05-05-2016 - 18:59
CVE-2016-3716 4.3
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
09-10-2018 - 20:00 05-05-2016 - 18:59
CVE-2016-3715 5.8
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
09-10-2018 - 19:59 05-05-2016 - 18:59
CVE-2016-6185 4.6
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.
02-05-2018 - 01:29 02-08-2016 - 14:59
CVE-2015-8853 5.0
The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."
02-05-2018 - 01:29 25-05-2016 - 15:59
CVE-2016-2774 7.1
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establis
16-03-2018 - 01:29 09-03-2016 - 15:59
CVE-2016-4449 5.8
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource con
18-01-2018 - 18:18 09-06-2016 - 16:59
CVE-2016-4971 4.3
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
05-01-2018 - 02:30 30-06-2016 - 17:59
CVE-2016-4483 5.0
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulne
05-01-2018 - 02:30 11-04-2017 - 16:59
CVE-2016-1835 6.8
Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.
05-01-2018 - 02:30 20-05-2016 - 10:59
CVE-2016-1541 6.8
Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.
05-01-2018 - 02:30 07-05-2016 - 10:59
CVE-2015-8934 4.3
The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.
05-01-2018 - 02:30 20-09-2016 - 14:15
CVE-2012-0876 4.3
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file wit
05-01-2018 - 02:29 03-07-2012 - 19:55
CVE-2016-5844 4.3
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
04-11-2017 - 01:29 21-09-2016 - 14:25
CVE-2016-4302 6.8
Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
04-11-2017 - 01:29 21-09-2016 - 14:25
CVE-2016-4300 6.8
Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buf
04-11-2017 - 01:29 21-09-2016 - 14:25
CVE-2015-8540 9.3
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impa
04-11-2017 - 01:29 14-04-2016 - 14:59
CVE-2015-1283 6.8
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspec
03-11-2017 - 01:29 23-07-2015 - 00:59
CVE-2016-2381 5.0
Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.
20-10-2017 - 01:29 08-04-2016 - 15:59
CVE-2015-3228 6.8
Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, whic
21-09-2017 - 01:29 11-08-2015 - 14:59
CVE-2016-2532 4.3
The dissect_llrp_parameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service (memo
08-09-2017 - 01:29 28-02-2016 - 04:59
CVE-2016-2531 4.3
Off-by-one error in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that
08-09-2017 - 01:29 28-02-2016 - 04:59
CVE-2016-2530 4.3
The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 mishandles the case of an unrecognized TLV type, which allows remote attackers to cause a denial of se
08-09-2017 - 01:29 28-02-2016 - 04:59
CVE-2016-2521 7.2
Untrusted search path vulnerability in the WiresharkApplication class in ui/qt/wireshark_application.cpp in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 on Windows allows local users to gain privileges via a Trojan horse riched20.dll.dll fi
08-09-2017 - 01:29 28-02-2016 - 04:59
CVE-2016-3189 4.3
Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block. <a href="http://cwe.mitre.org/data/definiti
22-08-2017 - 01:29 30-06-2016 - 17:59
CVE-2016-6491 6.8
Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.
01-07-2017 - 01:30 13-12-2016 - 15:59
CVE-2016-5842 5.0
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
01-07-2017 - 01:29 13-12-2016 - 15:59
CVE-2016-4301 6.8
Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file.
01-07-2017 - 01:29 21-09-2016 - 14:25
CVE-2016-2073 4.3
The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.
01-07-2017 - 01:29 12-02-2016 - 15:59
CVE-2015-8806 5.0
dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.
01-07-2017 - 01:29 13-04-2016 - 17:59
CVE-2015-8126 7.5
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a den
01-07-2017 - 01:29 13-11-2015 - 03:59
CVE-2015-7981 5.0
The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which trigge
01-07-2017 - 01:29 24-11-2015 - 20:59
CVE-2016-5687 7.5
The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.
16-12-2016 - 16:54 13-12-2016 - 15:59
CVE-2016-5688 6.8
The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer ov
16-12-2016 - 16:38 13-12-2016 - 15:59
CVE-2016-5689 7.5
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.
16-12-2016 - 16:37 13-12-2016 - 15:59
CVE-2016-5691 7.5
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.
16-12-2016 - 16:36 13-12-2016 - 15:59
CVE-2016-5690 7.5
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
16-12-2016 - 14:14 13-12-2016 - 15:59
CVE-2016-5841 7.5
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
15-12-2016 - 03:02 13-12-2016 - 15:59
CVE-2015-8025 2.1
driver/subprocs.c in XScreenSaver before 5.34 does not properly perform an internal consistency check, which allows physically proximate attackers to bypass the lock screen by hot swapping monitors.
07-12-2016 - 18:25 10-11-2015 - 17:59
CVE-2016-4421 4.3
epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (deep recursion, stack consumption, and application crash) via a packet that specifie
03-12-2016 - 03:27 01-05-2016 - 01:59
CVE-2016-4418 4.3
epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet that triggers an empty
03-12-2016 - 03:27 01-05-2016 - 01:59
CVE-2016-4417 4.3
Off-by-one error in epan/dissectors/packet-gsm_abis_oml.c in the GSM A-bis OML dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a craft
03-12-2016 - 03:27 01-05-2016 - 01:59
CVE-2016-4082 4.3
epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and appl
03-12-2016 - 03:27 25-04-2016 - 10:59
CVE-2016-4081 4.3
epan/dissectors/packet-iax2.c in the IAX2 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
03-12-2016 - 03:27 25-04-2016 - 10:59
CVE-2016-4080 4.3
epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 misparses timestamp fields, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a craf
03-12-2016 - 03:27 25-04-2016 - 10:59
CVE-2016-4079 4.3
epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via
03-12-2016 - 03:27 25-04-2016 - 10:59
CVE-2016-4078 4.3
The IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not properly restrict element lists, which allows remote attackers to cause a denial of service (deep recursion and application crash) via a crafted packet, rela
03-12-2016 - 03:27 25-04-2016 - 10:59
CVE-2016-4006 4.3
epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service (stack memory consumption and application crash) via a crafted packet.
03-12-2016 - 03:27 25-04-2016 - 10:59
CVE-2013-7447 4.3
Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (
03-12-2016 - 03:00 17-02-2016 - 15:59
CVE-2016-5358 4.3
epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
28-11-2016 - 20:24 07-08-2016 - 16:59
CVE-2016-5357 4.3
wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
28-11-2016 - 20:24 07-08-2016 - 16:59
CVE-2016-5356 4.3
wiretap/cosine.c in the CoSine file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
28-11-2016 - 20:24 07-08-2016 - 16:59
CVE-2016-5355 4.3
wiretap/toshiba.c in the Toshiba file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
28-11-2016 - 20:24 07-08-2016 - 16:59
CVE-2016-5354 4.3
The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
28-11-2016 - 20:24 07-08-2016 - 16:59
CVE-2016-5353 4.3
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the reserved C/T value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
28-11-2016 - 20:24 07-08-2016 - 16:59
CVE-2016-5352 4.3
epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.4 mishandles certain length values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
28-11-2016 - 20:24 07-08-2016 - 16:59
CVE-2016-5351 4.3
epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the lack of an EAPOL_RSN_KEY, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
28-11-2016 - 20:24 07-08-2016 - 16:59
CVE-2016-5350 4.3
epan/dissectors/packet-dcerpc-spoolss.c in the SPOOLS component in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles unexpected offsets, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
28-11-2016 - 20:24 07-08-2016 - 16:59
CVE-2016-4564 7.5
The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and
23-09-2016 - 02:00 04-06-2016 - 16:59
CVE-2016-4563 6.8
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service
23-09-2016 - 02:00 04-06-2016 - 16:59
CVE-2016-4562 6.8
The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and applicati
23-09-2016 - 02:00 04-06-2016 - 16:59
Back to Top Mark selected
Back to Top