Show filters
70 Total Results
Displaying 11-20 of 70
Sort by:
Attacker Value
Unknown

CVE-2014-9845

Disclosure Date: March 20, 2017 (last updated November 26, 2024)
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
0
0
Attacker Value
Unknown

CVE-2014-9844

Disclosure Date: March 20, 2017 (last updated November 26, 2024)
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
0
0
Attacker Value
Unknown

CVE-2014-9846

Disclosure Date: March 20, 2017 (last updated November 26, 2024)
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
0
0
Attacker Value
Unknown

CVE-2014-9853

Disclosure Date: March 17, 2017 (last updated November 05, 2024)
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2016-2318

Disclosure Date: February 03, 2017 (last updated November 25, 2024)
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.
0
0
Attacker Value
Unknown

CVE-2016-2317

Disclosure Date: February 03, 2017 (last updated November 25, 2024)
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.
0
0
Attacker Value
Unknown

CVE-2015-7976

Disclosure Date: January 30, 2017 (last updated November 25, 2024)
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.
0
0
Attacker Value
Unknown

CVE-2016-5772

Disclosure Date: August 07, 2016 (last updated November 25, 2024)
Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2016-5244

Disclosure Date: June 27, 2016 (last updated November 25, 2024)
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
0
0
Attacker Value
Unknown

CVE-2016-1583

Disclosure Date: June 27, 2016 (last updated November 25, 2024)
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
View More Topics  < Previous  Next >