42.2

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-23	CVE-2016-10050	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file. local low complexity imagemagick opensuse CWE-119	7.8
2017-03-23	CVE-2016-6225	Inadequate Encryption Strength vulnerability in multiple products xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. network high complexity percona opensuse fedoraproject CWE-326	5.9
2017-03-20	CVE-2017-5930	Missing Authorization vulnerability in multiple products The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check. network low complexity opensuse postfixadmin-project CWE-862	2.7
2017-03-20	CVE-2014-9848	Resource Management Errors vulnerability in multiple products Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). network low complexity opensuse-project opensuse canonical imagemagick CWE-399	7.5
2017-03-20	CVE-2014-9846	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. network low complexity opensuse-project suse opensuse canonical imagemagick CWE-119 critical	9.8
2017-03-20	CVE-2014-9845	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. local low complexity opensuse-project suse opensuse canonical imagemagick CWE-119	5.5
2017-03-15	CVE-2017-5938	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name. network low complexity debian opensuse-project opensuse viewvc CWE-79	6.1
2017-03-03	CVE-2016-10070	Out-of-bounds Read vulnerability in multiple products Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file. local low complexity imagemagick opensuse CWE-125	5.5
2017-03-02	CVE-2016-10068	Improper Input Validation vulnerability in multiple products The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. local low complexity imagemagick opensuse-project opensuse CWE-20	5.5
2017-03-01	CVE-2016-9830	Improper Input Validation vulnerability in multiple products The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image. local low complexity graphicsmagick debian opensuse CWE-20	5.5