16.10

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-20	CVE-2014-9842	Resource Exhaustion vulnerability in multiple products Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. network low complexity opensuse-project opensuse canonical imagemagick CWE-400	7.5
2017-03-20	CVE-2014-9841	7PK - Errors vulnerability in multiple products The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions." network low complexity opensuse-project opensuse canonical imagemagick CWE-388 critical	9.8
2017-03-17	CVE-2014-9854	Resource Management Errors vulnerability in multiple products coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image." network low complexity imagemagick opensuse suse canonical CWE-399	7.5
2017-03-17	CVE-2014-9853	Resource Management Errors vulnerability in multiple products Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. local low complexity imagemagick suse novell opensuse-project opensuse canonical CWE-399	5.5
2017-03-09	CVE-2017-6590	Incorrect Authorization vulnerability in Canonical Ubuntu Linux An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. high complexity canonical CWE-863	6.3
2017-02-23	CVE-2016-10109	Use After Free vulnerability in multiple products Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the SCardReleaseContext function. network low complexity muscle canonical CWE-416	7.5
2017-02-01	CVE-2016-9963	Key Management Errors vulnerability in multiple products Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages. network high complexity exim canonical debian CWE-320	5.9
2017-01-30	CVE-2016-9119	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity moinmo canonical debian CWE-79	6.1
2016-12-09	CVE-2016-9014	Permissions, Privileges, and Access Controls vulnerability in multiple products Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS. network high complexity fedoraproject canonical djangoproject CWE-264	8.1
2016-12-09	CVE-2016-9013	Use of Hard-coded Credentials vulnerability in multiple products Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually specify a password in the database settings TEST dictionary. network low complexity djangoproject canonical fedoraproject CWE-798 critical	9.8