Vulnerabilities > Canonical > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-20 | CVE-2014-9849 | Resource Exhaustion vulnerability in multiple products The png coder in ImageMagick allows remote attackers to cause a denial of service (crash). | 7.5 |
2017-03-20 | CVE-2014-9848 | Resource Management Errors vulnerability in multiple products Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). | 7.5 |
2017-03-20 | CVE-2014-9842 | Resource Exhaustion vulnerability in multiple products Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | 7.5 |
2017-03-17 | CVE-2014-9854 | Resource Management Errors vulnerability in multiple products coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image." | 7.5 |
2017-03-17 | CVE-2017-6960 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in apng2gif 1.7. | 7.5 |
2017-02-24 | CVE-2017-5669 | The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context. | 7.8 |
2017-02-23 | CVE-2016-10109 | Use After Free vulnerability in multiple products Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the SCardReleaseContext function. | 7.5 |
2017-02-17 | CVE-2017-6056 | Infinite Loop vulnerability in multiple products It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. | 7.5 |
2017-02-13 | CVE-2016-3616 | NULL Pointer Dereference vulnerability in multiple products The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file. | 8.8 |
2017-02-09 | CVE-2016-2147 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write. | 7.5 |