Search Results (3295 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-7449 3 Debian, Graphicsmagick, Opensuse 4 Debian Linux, Graphicsmagick, Leap and 1 more 2025-04-20 N/A
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
CVE-2016-7800 3 Debian, Graphicsmagick, Opensuse 4 Debian Linux, Graphicsmagick, Leap and 1 more 2025-04-20 N/A
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
CVE-2016-6225 3 Fedoraproject, Opensuse, Percona 3 Fedora, Leap, Xtrabackup 2025-04-20 N/A
xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6394.
CVE-2016-7797 5 Clusterlabs, Opensuse, Opensuse Project and 2 more 8 Pacemaker, Leap, Leap and 5 more 2025-04-20 N/A
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.
CVE-2016-5759 2 Novell, Opensuse 3 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Leap 2025-04-20 N/A
The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root.
CVE-2016-8684 3 Debian, Graphicsmagick, Opensuse 3 Debian Linux, Graphicsmagick, Opensuse 2025-04-20 N/A
The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
CVE-2016-8682 3 Debian, Graphicsmagick, Opensuse 3 Debian Linux, Graphicsmagick, Opensuse 2025-04-20 N/A
The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.
CVE-2016-8569 4 Fedoraproject, Libgit2 Project, Opensuse and 1 more 5 Fedora, Libgit2, Leap and 2 more 2025-04-20 N/A
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
CVE-2016-8568 4 Fedoraproject, Libgit2 Project, Opensuse and 1 more 5 Fedora, Libgit2, Leap and 2 more 2025-04-20 N/A
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
CVE-2017-8386 6 Canonical, Debian, Fedoraproject and 3 more 7 Ubuntu Linux, Debian Linux, Fedora and 4 more 2025-04-20 N/A
git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.
CVE-2016-5321 2 Libtiff, Opensuse 2 Libtiff, Opensuse 2025-04-20 N/A
The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image.
CVE-2016-2347 3 Debian, Lhasa Project, Opensuse 4 Debian Linux, Lhasa, Leap and 1 more 2025-04-20 N/A
Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive.
CVE-2016-2318 4 Debian, Graphicsmagick, Opensuse and 1 more 7 Debian Linux, Graphicsmagick, Leap and 4 more 2025-04-20 N/A
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.
CVE-2014-9849 4 Canonical, Imagemagick, Opensuse and 1 more 9 Ubuntu Linux, Imagemagick, Opensuse and 6 more 2025-04-20 N/A
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
CVE-2014-9844 5 Canonical, Imagemagick, Opensuse and 2 more 10 Ubuntu Linux, Imagemagick, Opensuse and 7 more 2025-04-20 N/A
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
CVE-2016-10165 6 Canonical, Debian, Littlecms and 3 more 23 Ubuntu Linux, Debian Linux, Little Cms Color Engine and 20 more 2025-04-20 7.1 High
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
CVE-2016-10064 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2025-04-20 7.8 High
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10050 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2025-04-20 7.8 High
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVE-2016-9958 4 Game-music-emu Project, Opensuse, Opensuse Project and 1 more 9 Game-music-emu, Leap, Opensuse and 6 more 2025-04-20 N/A
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
CVE-2016-9399 3 Fedoraproject, Jasper Project, Opensuse 3 Fedora, Jasper, Leap 2025-04-20 7.5 High
The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.