CVEs from 2016
Total
8,452
critical
critical 1,165
high
high 3,521
medium
medium 3,172
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-9394 | medium | 5.5 | 5.5 | 9y ago | The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | |||
| CVE-2016-9393 | medium | 5.5 | 5.5 | 9y ago | The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | |||
| CVE-2016-9392 | medium | 5.5 | 5.5 | 9y ago | The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | |||
| CVE-2016-9390 | medium | 5.5 | 5.5 | 9y ago | The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. | |||
| CVE-2016-9388 | medium | 5.5 | 5.5 | 9y ago | The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. | |||
| CVE-2016-9265 | medium | 5.5 | 5.5 | 9y ago | The printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file. | |||
| CVE-2016-9264 | medium | 5.5 | 5.5 | 9y ago | Buffer overflow in the printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file. | |||
| CVE-2016-9262 | medium | 5.5 | 5.5 | 9y ago | Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of … | |||
| CVE-2016-9011 | medium | 5.5 | 5.5 | 9y ago | The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (application crash) via a crafted wmf file, which triggers a memory allocation failure. | |||
| CVE-2016-8887 | medium | 5.5 | 5.5 | 9y ago | The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference). | |||
| CVE-2016-8885 | medium | 5.5 | 5.5 | 9y ago | The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a craf… | |||
| CVE-2016-10058 | medium | 5.5 | 5.5 | 9y ago | Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file. | |||
| CVE-2016-10053 | medium | 5.5 | 5.5 | 9y ago | The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file. | |||
| CVE-2016-10047 | medium | 5.5 | 5.5 | 9y ago | Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file. | |||
| CVE-2016-10046 | medium | 5.5 | 5.5 | 9y ago | Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file. | |||
| CVE-2016-10255 | medium | 5.5 | 5.5 | 9y ago | The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header valu… | |||
| CVE-2016-10254 | medium | 5.5 | 5.5 | 9y ago | The allocate_elf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure. | |||
| CVE-2016-5749 | medium | 5.5 | 5.5 | 9y ago | NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML requests with external entity resolution enabled, which could lead to local file disclosure via an XML Extern… | |||
| CVE-2016-5748 | medium | 5.5 | 5.5 | 9y ago | External Entity Processing (XXE) vulnerability in the "risk score" application of NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to disclose the content of local f… | |||
| CVE-2016-10187 | medium | 5.5 | 5.5 | 9y ago | The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript. | |||
| CVE-2016-10247 | medium | 5.5 | 5.5 | 9y ago | Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a cr… | |||
| CVE-2016-10246 | medium | 5.5 | 5.5 | 9y ago | Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted … | |||
| CVE-2016-10167 | medium | 5.5 | 5.5 | 9y ago | The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file. | |||
| CVE-2016-6906 | medium | 5.5 | 5.5 | 9y ago | The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related t… | |||
| CVE-2016-10172 | medium | 5.5 | 5.5 | 9y ago | The read_new_config_info function in open_utils.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. | |||
| CVE-2016-10171 | medium | 5.5 | 5.5 | 9y ago | The unreorder_channels function in cli/wvunpack.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. | |||
| CVE-2016-10170 | medium | 5.5 | 5.5 | 9y ago | The WriteCaffHeader function in cli/caff.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. | |||
| CVE-2016-10169 | medium | 5.5 | 5.5 | 9y ago | The read_code function in read_words.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. | |||
| CVE-2016-9985 | medium | 5.5 | 5.5 | 9y ago | IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be read by a local user. IBM Reference #: 1999671. | |||
| CVE-2016-8483 | medium | 5.5 | 5.5 | 9y ago | An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it… | |||
| CVE-2016-6522 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping… | |||
| CVE-2016-6350 | medium | 5.5 | 5.5 | 9y ago | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9. | |||
| CVE-2016-6247 | medium | 5.5 | 5.5 | 9y ago | OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist. | |||
| CVE-2016-6245 | medium | 5.5 | 5.5 | 9y ago | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a large size in a getdents system call. | |||
| CVE-2016-6243 | medium | 5.5 | 5.5 | 9y ago | thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call. | |||
| CVE-2016-6242 | medium | 5.5 | 5.5 | 9y ago | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call. | |||
| CVE-2016-6239 | medium | 5.5 | 5.5 | 9y ago | The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attackers to cause a denial of service (kernel panic and crash) via a large size value. | |||
| CVE-2016-5315 | medium | 5.5 | 5.5 | 9y ago | The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | |||
| CVE-2016-10040 | medium | 5.5 | 5.5 | 9y ago | Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags. | |||
| CVE-2016-10070 | medium | 5.5 | 5.5 | 9y ago | Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via… | |||
| CVE-2016-10066 | medium | 5.5 | 5.5 | 9y ago | Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file. | |||
| CVE-2016-7409 | medium | 5.5 | 5.5 | 9y ago | The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUG_TRACE, allows local users to read process memory via the -v argument, related to a failed remote ident. | |||
| CVE-2016-10071 | medium | 5.5 | 5.5 | 9y ago | coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file. | |||
| CVE-2016-10069 | medium | 5.5 | 5.5 | 9y ago | coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames. | |||
| CVE-2016-10068 | medium | 5.5 | 5.5 | 9y ago | The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. | |||
| CVE-2016-10062 | medium | 5.5 | 5.5 | 9y ago | The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via… | |||
| CVE-2016-9830 | medium | 5.5 | 5.5 | 9y ago | The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image. | |||
| CVE-2016-9826 | medium | 5.5 | 5.5 | 9y ago | libavcodec/ituh263dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||
| CVE-2016-9825 | medium | 5.5 | 5.5 | 9y ago | libswscale/utils.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||
| CVE-2016-9824 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||
| CVE-2016-9823 | medium | 5.5 | 5.5 | 9y ago | libavcodec/x86/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||
| CVE-2016-9822 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||
| CVE-2016-9821 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||
| CVE-2016-9820 | medium | 5.5 | 5.5 | 9y ago | libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||
| CVE-2016-9819 | medium | 5.5 | 5.5 | 9y ago | libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||
| CVE-2016-10095 | medium | 5.5 | 5.5 | 9y ago | Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c in LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7… | |||
| CVE-2016-5240 | medium | 5.5 | 5.5 | 9y ago | The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a… | |||
| CVE-2016-10029 | medium | 5.5 | 5.5 | 9y ago | The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process… | |||
| CVE-2016-10028 | medium | 5.5 | 5.5 | 9y ago | The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (ou… | |||
| CVE-2016-5027 | medium | 5.5 | 5.5 | 9y ago | dwarf_form.c in libdwarf 20160115 allows remote attackers to cause a denial of service (crash) via a crafted elf file. | |||
| CVE-2016-4493 | medium | 5.5 | 5.5 | 9y ago | The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted b… | |||
| CVE-2016-4491 | medium | 5.5 | 5.5 | 9y ago | The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and… | |||
| CVE-2016-4490 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and in… | |||
| CVE-2016-4489 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtu… | |||
| CVE-2016-4488 | medium | 5.5 | 5.5 | 9y ago | Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec." | |||
| CVE-2016-4487 | medium | 5.5 | 5.5 | 9y ago | Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec." | |||
| CVE-2016-9378 | medium | 5.5 | 5.5 | 9y ago | Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest cra… | |||
| CVE-2016-9377 | medium | 5.5 | 5.5 | 9y ago | Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest cra… | |||
| CVE-2016-7761 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "WiFi" component, which allows local users to obtain sensitive network-configuration inform… | |||
| CVE-2016-7666 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. Transporter before 1.9.2 is affected. The issue involves the "iTMSTransporter" component, which allows attackers to obtain sensitive information via… | |||
| CVE-2016-7665 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Graphics Driver" component, which allows remote attackers to cause a denial of service via a cr… | |||
| CVE-2016-7628 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Assets" component, which allows local users to bypass intended permission restrictions and… | |||
| CVE-2016-7619 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "libarchive" component, whic… | |||
| CVE-2016-7615 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component, which al… | |||
| CVE-2016-7614 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. iCloud before 6.1 is affected. The issue involves the "Windows Security" component. It allows local users to obtain sensitive information from iClou… | |||
| CVE-2016-7607 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component, which al… | |||
| CVE-2016-7605 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to cause a denial of service (NULL pointer deref… | |||
| CVE-2016-7604 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "CoreCapture" component. It allows local users to cause a denial of service (NULL pointer d… | |||
| CVE-2016-7603 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "CoreStorage" component. It allows local users to cause a denial of service (NULL pointer d… | |||
| CVE-2016-4680 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows at… | |||
| CVE-2016-4679 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves th… | |||
| CVE-2016-4663 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to cause a denial of service (memo… | |||
| CVE-2016-4661 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ntfs" component, which misparses disk images and allows attackers to cause a denial of ser… | |||
| CVE-2016-7511 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in the dwarf_die_deliv.c in libdwarf 20160613 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||
| CVE-2016-5031 | medium | 5.5 | 5.5 | 9y ago | The print_frame_inst_bytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | |||
| CVE-2016-9828 | medium | 5.5 | 5.5 | 9y ago | The dumpBuffer function in read.c in the listswf tool in libming 0.4.7 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SWF file. | |||
| CVE-2016-9827 | medium | 5.5 | 5.5 | 9y ago | The _iprintf function in outputtxt.c in the listswf tool in libming 0.4.7 allows remote attackers to cause a denial of service (buffer over-read) via a crafted SWF file. | |||
| CVE-2016-9773 | medium | 5.5 | 5.5 | 9y ago | Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a craft… | |||
| CVE-2016-8681 | medium | 5.5 | 5.5 | 9y ago | The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20161001 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) by calling the dwarfdump command on … | |||
| CVE-2016-8678 | medium | 5.5 | 5.5 | 9y ago | The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the… | |||
| CVE-2016-8676 | medium | 5.5 | 5.5 | 9y ago | The get_vlc2 function in get_bits.h in Libav 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file. NOTE: this issue exists due to an … | |||
| CVE-2016-8675 | medium | 5.5 | 5.5 | 9y ago | The get_vlc2 function in get_bits.h in Libav before 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file, possibly related to startcod… | |||
| CVE-2016-8674 | medium | 5.5 | 5.5 | 9y ago | The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file. | |||
| CVE-2016-7499 | medium | 5.5 | 5.5 | 9y ago | The sbr_make_f_master function in aacsbr.c in Libav 11.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file. | |||
| CVE-2016-7477 | medium | 5.5 | 5.5 | 9y ago | The ff_put_pixels8_xy2_mmx function in rnd_template.c in Libav 11.7 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted mp3 file. NOTE: this issue wa… | |||
| CVE-2016-7393 | medium | 5.5 | 5.5 | 9y ago | Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav before 11.5 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | |||
| CVE-2016-7392 | medium | 5.5 | 5.5 | 9y ago | Heap-based buffer overflow in the pstoedit_suffix_table_init function in output-pstoedit.c in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted… | |||
| CVE-2016-8944 | medium | 5.5 | 5.5 | 9y ago | IBM AIX 7.1 and 7.2 allows a local user to open a file with a specially crafted argument that would crash the system. IBM APARs: IV91488, IV91487, IV91456, IV90234. | |||
| CVE-2016-8692 | medium | 5.5 | 5.5 | 9y ago | The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YR… | |||
| CVE-2016-8691 | medium | 5.5 | 5.5 | 9y ago | The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XR… |