Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-01-13 CVE-2017-0398 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels.
local
low complexity
google CWE-200
5.5
5.5
2017-01-13 CVE-2016-9813 NULL Pointer Dereference vulnerability in Gstreamer 1.10.1
The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
local
low complexity
gstreamer CWE-476
5.5
5.5
2017-01-13 CVE-2016-9812 Out-of-bounds Read vulnerability in Gstreamer 1.10.1
The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section.
network
low complexity
gstreamer CWE-125
7.5
7.5
2017-01-13 CVE-2016-9811 Out-of-bounds Read vulnerability in multiple products
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
local
high complexity
gstreamer fedoraproject debian redhat CWE-125
4.7
4.7
2017-01-13 CVE-2016-9810 Out-of-bounds Read vulnerability in Gstreamer 1.10.1
The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via an invalid file, which triggers an incorrect unref call.
local
low complexity
gstreamer CWE-125
5.5
5.5
2017-01-13 CVE-2016-9809 Out-of-bounds Read vulnerability in Gstreamer 1.10.1
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
local
low complexity
gstreamer CWE-125
7.8
7.8
2017-01-13 CVE-2016-9808 Out-of-bounds Write vulnerability in Gstreamer 1.10.1
The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs.
network
low complexity
gstreamer CWE-787
7.5
7.5
2017-01-13 CVE-2016-9807 Out-of-bounds Read vulnerability in Gstreamer 1.10.1
The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file.
local
low complexity
gstreamer CWE-125
5.5
5.5
2017-01-13 CVE-2016-9312 Resource Management Errors vulnerability in NTP 4.2.4/4.2.7/4.2.8
ntpd in NTP before 4.2.8p9, when running on Windows, allows remote attackers to cause a denial of service via a large UDP packet.
network
low complexity
ntp CWE-399
7.5
7.5
2017-01-13 CVE-2016-9311 NULL Pointer Dereference vulnerability in NTP 4.2.4/4.2.7/4.2.8
ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet.
network
high complexity
ntp CWE-476
5.9
5.9