Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-24	CVE-2014-4616	Improper Validation of Array Index vulnerability in multiple products Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function. network high complexity python simplejson-project opensuse-project opensuse CWE-129	5.9
2017-08-02	CVE-2015-5203	Double Free vulnerability in multiple products Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file. local low complexity fedoraproject opensuse-project opensuse jasper-project CWE-415	5.5
2017-07-25	CVE-2015-5221	Use After Free vulnerability in multiple products Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file. local low complexity fedoraproject opensuse-project opensuse jasper-project CWE-416	5.5
2017-06-06	CVE-2016-9960	Divide By Zero vulnerability in multiple products game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash). local low complexity game-music-emu-project fedoraproject opensuse-project opensuse novell CWE-369	5.5
2017-03-27	CVE-2015-8010	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi. network low complexity icinga opensuse-project opensuse CWE-79	6.1
2017-03-23	CVE-2016-9556	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. local low complexity imagemagick opensuse-project debian CWE-119	5.5
2017-03-20	CVE-2014-9845	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. local low complexity opensuse-project suse opensuse canonical imagemagick CWE-119	5.5
2017-03-20	CVE-2014-9844	Out-of-bounds Read vulnerability in multiple products The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. local low complexity opensuse-project suse opensuse canonical imagemagick CWE-125	5.5
2017-03-17	CVE-2014-9853	Resource Management Errors vulnerability in multiple products Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. local low complexity imagemagick suse novell opensuse-project opensuse canonical CWE-399	5.5
2017-03-15	CVE-2017-5938	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name. network low complexity debian opensuse-project opensuse viewvc CWE-79	6.1