High

DATE	CVE	VULNERABILITY TITLE	RISK
2016-05-13	CVE-2015-8312	Numeric Errors vulnerability in multiple products Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes. local low complexity openafs debian CWE-189	7.8
2016-05-13	CVE-2014-9771	Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation. network low complexity enlightenment debian	7.5
2016-05-13	CVE-2014-9764	Improper Input Validation vulnerability in multiple products imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file. network low complexity debian enlightenment CWE-20	7.5
2016-05-13	CVE-2014-9763	Numeric Errors vulnerability in multiple products imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file. network low complexity debian enlightenment CWE-189	7.5
2016-05-13	CVE-2014-9762	Improper Input Validation vulnerability in multiple products imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap. network low complexity enlightenment debian CWE-20	7.5
2016-05-13	CVE-2011-5326	Numeric Errors vulnerability in multiple products imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse. network low complexity debian enlightenment CWE-189	7.5
2016-05-13	CVE-2016-2849	Information Exposure vulnerability in multiple products Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack. network low complexity debian fedoraproject botan-project CWE-200	7.5
2016-05-13	CVE-2016-2194	Improper Input Validation vulnerability in multiple products The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus. network low complexity debian botan-project CWE-20	7.5
2016-05-13	CVE-2015-7827	Information Exposure vulnerability in multiple products Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding. network low complexity fedoraproject botan-project debian CWE-200	7.5
2016-05-13	CVE-2015-5727	Resource Management Errors vulnerability in multiple products The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field. network low complexity botan-project debian CWE-399	7.5