VYPR

linux

by Debian

CVEs (3,015)

  • CVE-2017-0900 (High), Aug 31, 2017
    risk 0.42, cvss 7.5, epss 0.08

    RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a `query` command.

  • CVE-2017-13777 (Medium), Aug 30, 2017
    risk 0.42, cvss 6.5, epss 0.02

    GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request…

  • CVE-2017-13776 (Medium), Aug 30, 2017
    risk 0.42, cvss 6.5, epss 0.02

    GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request…

  • CVE-2017-13775 (Medium), Aug 30, 2017
    risk 0.42, cvss 6.5, epss 0.02

    GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests.

  • CVE-2017-13769 (Medium), Aug 30, 2017
    risk 0.42, cvss 6.5, epss 0.01

    The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.

  • CVE-2017-13768 (Medium), Aug 30, 2017
    risk 0.42, cvss 6.5, epss 0.02

    Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.

  • CVE-2017-13737 (Medium), Aug 29, 2017
    risk 0.42, cvss 6.5, epss 0.03

    There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.

  • CVE-2017-12877 (Medium), Aug 28, 2017
    risk 0.42, cvss 6.5, epss 0.02

    Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.

  • CVE-2017-12809 (Medium), Aug 23, 2017
    risk 0.42, cvss 6.5, epss 0.00

    QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive.

  • CVE-2017-13145 (Medium), Aug 23, 2017
    risk 0.42, cvss 6.5, epss 0.02

    In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.

  • CVE-2017-13065 (Medium), Aug 22, 2017
    risk 0.42, cvss 6.5, epss 0.02

    GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.

  • CVE-2017-13064 (Medium), Aug 22, 2017
    risk 0.42, cvss 6.5, epss 0.02

    GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12.

  • CVE-2017-13063 (Medium), Aug 22, 2017
    risk 0.42, cvss 6.5, epss 0.02

    GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.

  • CVE-2016-6796 (High), Aug 11, 2017
    risk 0.42, cvss 7.5, epss 0.08

    A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.

  • CVE-2016-6797 (High), Aug 10, 2017
    risk 0.42, cvss 7.5, epss 0.08

    The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application.…

  • CVE-2017-10243 (Medium), Aug 8, 2017
    risk 0.42, cvss 6.5, epss 0.03

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows…

  • CVE-2017-12643 (Medium), Aug 7, 2017
    risk 0.42, cvss 6.5, epss 0.03

    ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.

  • CVE-2017-11683 (Medium), Jul 27, 2017
    risk 0.42, cvss 6.5, epss 0.03

    There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.

  • CVE-2015-5219 (High), Jul 21, 2017
    risk 0.42, cvss 7.5, epss 0.06

    The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

  • CVE-2015-5195 (High), Jul 21, 2017
    risk 0.42, cvss 7.5, epss 0.07

    ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.
