Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-31 | CVE-2016-8698 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Potrace Project Potrace Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703. | 7.8 |
| 2017-01-31 | CVE-2016-8697 | Divide By Zero vulnerability in Potrace Project Potrace The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted BMP image. | 5.5 |
| 2017-01-31 | CVE-2016-8696 | NULL Pointer Dereference vulnerability in Potrace Project Potrace The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8695. | 5.5 |
| 2017-01-31 | CVE-2016-8695 | NULL Pointer Dereference vulnerability in Potrace Project Potrace The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8696. | 5.5 |
| 2017-01-31 | CVE-2016-8694 | NULL Pointer Dereference vulnerability in Potrace Project Potrace The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8695 and CVE-2016-8696. | 5.5 |
| 2017-01-31 | CVE-2016-8686 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Potrace Project Potrace The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. | 7.8 |
| 2017-01-31 | CVE-2016-8685 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Potrace Project Potrace The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted BMP image. | 5.5 |
| 2017-01-31 | CVE-2016-6329 | Information Exposure vulnerability in Openvpn OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack. | 5.9 |
| 2017-01-31 | CVE-2016-6285 | Cross-site Scripting vulnerability in Atlassian Jira Cross-site scripting (XSS) vulnerability in includes/decorators/global-translations.jsp in Atlassian JIRA before 7.2.2 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header. | 6.1 |
| 2017-01-31 | CVE-2015-8977 | Information Exposure Through Log Files vulnerability in Mybb Merge System and Mybb MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files. | 7.5 |