High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-02	CVE-2017-1000456	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations. network low complexity freedesktop debian CWE-119	8.8
2018-01-02	CVE-2017-1000450	Integer Overflow or Wraparound vulnerability in multiple products In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. network low complexity opencv debian CWE-190	8.8
2017-12-30	CVE-2017-17997	NULL Pointer Dereference vulnerability in multiple products In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. network low complexity wireshark debian CWE-476	7.5
2017-12-27	CVE-2017-17935	Out-of-bounds Read vulnerability in multiple products The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted processing of an empty line. network low complexity wireshark debian CWE-125	7.5
2017-12-27	CVE-2017-17915	Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached. network low complexity graphicsmagick debian CWE-125	8.8
2017-12-27	CVE-2017-17913	Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type. network low complexity graphicsmagick debian CWE-125	8.8
2017-12-27	CVE-2017-17912	Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region. network low complexity graphicsmagick debian CWE-125	8.8
2017-12-27	CVE-2017-17879	Out-of-bounds Read vulnerability in multiple products In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error. network low complexity imagemagick debian canonical CWE-125	8.8
2017-12-27	CVE-2017-17866	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document. local low complexity artifex debian CWE-119	7.8
2017-12-27	CVE-2017-17863	Integer Overflow or Wraparound vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer overflow or invalid memory access) or possibly have unspecified other impact. local low complexity linux debian CWE-190	7.8