42.1

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-20	CVE-2014-9845	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. network suse opensuse opensuse-project canonical imagemagick CWE-119	4.3
2017-03-20	CVE-2014-9844	Out-of-bounds Read vulnerability in multiple products The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. network suse opensuse opensuse-project canonical imagemagick CWE-125	4.3
2017-03-20	CVE-2014-9843	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors. network low complexity opensuse opensuse-project canonical imagemagick CWE-119	7.5
2017-03-20	CVE-2014-9842	Resource Exhaustion vulnerability in multiple products Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. network low complexity opensuse opensuse-project canonical imagemagick CWE-400	5.0
2017-03-20	CVE-2014-9841	7PK - Errors vulnerability in multiple products The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions." network low complexity opensuse opensuse-project canonical imagemagick CWE-388	7.5
2017-03-15	CVE-2017-5938	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name. network debian opensuse opensuse-project viewvc CWE-79	4.3
2017-03-02	CVE-2016-10069	Improper Input Validation vulnerability in Imagemagick coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames. network imagemagick opensuse-project CWE-20	4.3
2017-03-02	CVE-2016-10068	Improper Input Validation vulnerability in Imagemagick The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. network imagemagick opensuse opensuse-project CWE-20	4.3
2017-01-20	CVE-2016-9436	Improper Input Validation vulnerability in multiple products parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag. network low complexity opensuse-project opensuse tats CWE-20	6.5
2017-01-20	CVE-2016-9435	Improper Input Validation vulnerability in multiple products The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags. network low complexity opensuse-project opensuse tats CWE-20	6.5