Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-20	CVE-2014-9845	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. network suse opensuse opensuse-project canonical imagemagick CWE-119	4.3
2017-03-20	CVE-2014-9844	Out-of-bounds Read vulnerability in multiple products The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. network suse opensuse opensuse-project canonical imagemagick CWE-125	4.3
2017-03-20	CVE-2014-9842	Resource Exhaustion vulnerability in multiple products Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. network low complexity opensuse opensuse-project canonical imagemagick CWE-400	5.0
2017-03-17	CVE-2014-9853	Resource Management Errors vulnerability in multiple products Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. local low complexity imagemagick suse novell opensuse-project opensuse canonical CWE-399	5.5
2017-03-09	CVE-2017-6590	Incorrect Authorization vulnerability in Canonical Ubuntu Linux An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. local canonical CWE-863	6.9
2017-02-13	CVE-2016-3616	NULL Pointer Dereference vulnerability in multiple products The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file. network libjpeg-turbo redhat debian canonical CWE-476	6.8
2017-02-09	CVE-2016-2147	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write. network low complexity busybox debian canonical CWE-190	5.0
2017-01-30	CVE-2016-9119	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network moinmo canonical debian CWE-79	4.3
2017-01-30	CVE-2015-7977	NULL Pointer Dereference vulnerability in multiple products ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. network ntp oracle siemens netapp freebsd fedoraproject debian canonical CWE-476	4.3
2017-01-30	CVE-2015-7973	7PK - Security Features vulnerability in multiple products NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network. network ntp siemens freebsd netapp canonical CWE-254	5.8