Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2017-02-15 CVE-2016-8862 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.
network
low complexity
imagemagick debian CWE-119
8.8
2017-02-15 CVE-2016-8684 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
local
low complexity
graphicsmagick opensuse debian CWE-119
7.8
2017-02-15 CVE-2016-8683 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
local
low complexity
graphicsmagick opensuse debian CWE-119
7.8
2017-02-15 CVE-2016-8682 Out-of-bounds Read vulnerability in multiple products
The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.
network
low complexity
graphicsmagick opensuse debian CWE-125
7.5
2017-02-15 CVE-2015-8979 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in the parsePresentationContext function in storescp in DICOM dcmtk-3.6.0 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a long string sent to TCP port 4242.
network
low complexity
debian dicom CWE-119
7.5
2017-02-15 CVE-2017-5991 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465.
network
low complexity
artifex debian CWE-476
7.5
2017-02-13 CVE-2016-3616 NULL Pointer Dereference vulnerability in multiple products
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
network
low complexity
libjpeg-turbo redhat debian canonical CWE-476
8.8
2017-02-12 CVE-2017-3302 Use After Free vulnerability in multiple products
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
network
low complexity
oracle mariadb debian redhat CWE-416
7.5
2017-02-09 CVE-2017-5848 Out-of-bounds Read vulnerability in multiple products
The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.
network
low complexity
gstreamer-project debian redhat CWE-125
7.5
2017-02-09 CVE-2017-5847 Out-of-bounds Read vulnerability in multiple products
The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.
network
low complexity
gstreamer-project debian CWE-125
7.5