High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-09-07	CVE-2017-6362	Double Free vulnerability in multiple products Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. network low complexity libgd debian fedoraproject canonical CWE-415	7.5
2017-09-06	CVE-2015-5705	Link Following vulnerability in multiple products Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename. network low complexity devscripts-devel-team fedoraproject CWE-59	7.5
2017-08-29	CVE-2017-13752	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13751	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13750	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13749	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13748	Missing Release of Resource after Effective Lifetime vulnerability in multiple products There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject debian CWE-772	7.5
2017-08-29	CVE-2017-13747	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13746	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-25	CVE-2015-1395	Path Traversal vulnerability in multiple products Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. network low complexity fedoraproject canonical gnu CWE-22	7.5