Vulnerabilities > Canonical > High

DATE CVE VULNERABILITY TITLE RISK
2017-03-20 CVE-2014-9849 Resource Exhaustion vulnerability in multiple products
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
7.5
2017-03-20 CVE-2014-9848 Resource Management Errors vulnerability in multiple products
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
7.5
2017-03-20 CVE-2014-9842 Resource Exhaustion vulnerability in multiple products
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
7.5
2017-03-17 CVE-2014-9854 Resource Management Errors vulnerability in multiple products
coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
network
low complexity
imagemagick opensuse suse canonical CWE-399
7.5
2017-03-17 CVE-2017-6960 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in apng2gif 1.7.
network
low complexity
apng2gif-project debian canonical CWE-190
7.5
2017-02-24 CVE-2017-5669 The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.
local
low complexity
linux debian canonical
7.8
2017-02-23 CVE-2016-10109 Use After Free vulnerability in multiple products
Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the SCardReleaseContext function.
network
low complexity
muscle canonical CWE-416
7.5
2017-02-17 CVE-2017-6056 Infinite Loop vulnerability in multiple products
It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop.
network
low complexity
canonical debian CWE-835
7.5
2017-02-13 CVE-2016-3616 NULL Pointer Dereference vulnerability in multiple products
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
network
low complexity
libjpeg-turbo redhat debian canonical CWE-476
8.8
2017-02-09 CVE-2016-2147 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.
network
low complexity
busybox debian canonical CWE-190
7.5