Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2016-09-26	CVE-2016-6306	Out-of-bounds Read vulnerability in multiple products The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c. network high complexity openssl hp novell nodejs debian canonical CWE-125	5.9
2016-09-26	CVE-2016-7162	Improper Input Validation vulnerability in multiple products The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive. network low complexity canonical file-roller-project CWE-20	5.0
2016-09-20	CVE-2015-8934	Out-of-bounds Read vulnerability in multiple products The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file. network suse canonical libarchive CWE-125	4.3
2016-09-20	CVE-2015-8933	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file. network libarchive suse canonical CWE-190	4.3
2016-09-20	CVE-2015-8932	Improper Input Validation vulnerability in multiple products The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift. network canonical debian suse libarchive CWE-20	4.3
2016-09-20	CVE-2015-8931	Integer Overflow or Wraparound vulnerability in multiple products Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior. network libarchive suse canonical debian CWE-190	6.8
2016-09-20	CVE-2015-8930	Improper Input Validation vulnerability in multiple products bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself. network low complexity suse libarchive canonical CWE-20	5.0
2016-09-20	CVE-2015-8928	Out-of-bounds Read vulnerability in multiple products The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file. network canonical libarchive suse CWE-125	4.3
2016-09-20	CVE-2015-8926	NULL Pointer Dereference vulnerability in multiple products The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive. network canonical suse libarchive CWE-476	4.3
2016-09-20	CVE-2015-8925	Out-of-bounds Read vulnerability in multiple products The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing. network canonical libarchive suse CWE-125	4.3