Show filters
201 Total Results
Displaying 51-60 of 201
Sort by:
Attacker Value
Unknown

CVE-2016-4861

Disclosure Date: February 17, 2017 (last updated November 08, 2023)
The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework before 1.12.20 might allow remote attackers to conduct SQL injection attacks by leveraging failure to remove comments from an SQL statement before validation.
0
0
Attacker Value
Unknown

CVE-2016-8690

Disclosure Date: February 15, 2017 (last updated November 08, 2023)
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command.
0
0
Attacker Value
Unknown

CVE-2016-8693

Disclosure Date: February 15, 2017 (last updated November 08, 2023)
Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
0
0
Attacker Value
Unknown

CVE-2016-4797

Disclosure Date: February 03, 2017 (last updated November 08, 2023)
Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for CVE-2014-7947.
0
0
Attacker Value
Unknown

CVE-2016-4796

Disclosure Date: February 03, 2017 (last updated November 08, 2023)
Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.
0
0
Attacker Value
Unknown

CVE-2016-8568

Disclosure Date: February 03, 2017 (last updated November 08, 2023)
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
0
0
Attacker Value
Unknown

CVE-2016-9108

Disclosure Date: February 03, 2017 (last updated November 08, 2023)
Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2016-8569

Disclosure Date: February 03, 2017 (last updated November 08, 2023)
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
0
0
Attacker Value
Unknown

CVE-2015-7977

Disclosure Date: January 30, 2017 (last updated November 25, 2024)
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2016-7543

Disclosure Date: January 19, 2017 (last updated November 08, 2023)
Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.
0
0
View More Topics  < Previous  Next >