Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-01-06 CVE-2016-2370 Out-of-bounds Read vulnerability in multiple products
A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-125
5.9
5.9
2017-01-06 CVE-2016-2369 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-476
5.9
5.9
2017-01-06 CVE-2016-2368 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-119
8.1
8.1
2017-01-06 CVE-2016-2367 Out-of-bounds Read vulnerability in multiple products
An information leak exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-125
5.9
5.9
2017-01-06 CVE-2016-2366 Out-of-bounds Read vulnerability in multiple products
A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-125
5.9
5.9
2017-01-06 CVE-2016-2365 NULL Pointer Dereference vulnerability in multiple products
A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-476
5.9
5.9
2017-01-06 CVE-2016-2339 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ruby-Lang Ruby 2.2.2/2.3.0
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby.
network
low complexity
ruby-lang CWE-119
critical
 9.8
9.8
2017-01-06 CVE-2016-2337 Unspecified vulnerability in Ruby-Lang Ruby 2.2.2/2.3.0
Type confusion exists in _cancel_eval Ruby's TclTkIp class method.
network
low complexity
ruby-lang
critical
 9.8
9.8
2017-01-06 CVE-2016-2336 Unspecified vulnerability in Ruby-Lang Ruby 2.2.2/2.3.0
Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface.
network
low complexity
ruby-lang
critical
 9.8
9.8
2017-01-06 CVE-2016-1550 Information Exposure vulnerability in NTP 4.2.8
An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92.
network
low complexity
ntp CWE-200
5.3
5.3