High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-10	CVE-2017-6313	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file. local low complexity gnome fedoraproject debian CWE-191	7.1
2017-03-10	CVE-2017-6311	NULL Pointer Dereference vulnerability in multiple products gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message. network low complexity gnome fedoraproject CWE-476	7.5
2017-03-03	CVE-2016-7972	Resource Management Errors vulnerability in multiple products The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors. network low complexity opensuse fedoraproject libass-project CWE-399	7.5
2017-03-03	CVE-2016-7970	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors. network low complexity fedoraproject libass-project CWE-119	7.5
2017-03-03	CVE-2016-7969	Out-of-bounds Read vulnerability in multiple products The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization." network low complexity opensuse fedoraproject libass-project CWE-125	7.5
2017-02-28	CVE-2017-5884	Range Error vulnerability in multiple products gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile. local low complexity fedoraproject gnome CWE-118	7.8
2017-02-22	CVE-2016-9956	Improper Access Control vulnerability in multiple products The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script. network low complexity debian fedoraproject flightgear CWE-284	7.5
2017-02-17	CVE-2017-5357	Use After Free vulnerability in multiple products regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free. network low complexity fedoraproject gnu CWE-416	7.5
2017-02-15	CVE-2016-8693	Double Free vulnerability in multiple products Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command. local low complexity jasper-project opensuse fedoraproject CWE-415	7.8
2017-02-15	CVE-2016-6866	NULL Pointer Dereference vulnerability in multiple products slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash. network low complexity suckless fedoraproject CWE-476	7.5