Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-17	CVE-2014-9853	Resource Management Errors vulnerability in multiple products Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. local low complexity imagemagick suse novell opensuse-project opensuse canonical CWE-399	5.5
2017-03-15	CVE-2017-5938	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name. network low complexity debian opensuse-project opensuse viewvc CWE-79	6.1
2017-03-03	CVE-2016-10070	Out-of-bounds Read vulnerability in multiple products Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file. local low complexity imagemagick opensuse CWE-125	5.5
2017-03-02	CVE-2016-10068	Improper Input Validation vulnerability in multiple products The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. local low complexity imagemagick opensuse-project opensuse CWE-20	5.5
2017-03-01	CVE-2016-9830	Improper Input Validation vulnerability in multiple products The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image. local low complexity graphicsmagick debian opensuse CWE-20	5.5
2017-02-15	CVE-2016-8688	Out-of-bounds Read vulnerability in multiple products The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c. local low complexity libarchive opensuse CWE-125	5.5
2017-02-03	CVE-2016-8569	NULL Pointer Dereference vulnerability in multiple products The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file. local low complexity libgit2-project fedoraproject suse opensuse CWE-476	5.5
2017-02-03	CVE-2016-8568	Out-of-bounds Read vulnerability in multiple products The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. local low complexity fedoraproject suse opensuse libgit2-project CWE-125	5.5
2017-02-03	CVE-2016-5241	Numeric Errors vulnerability in multiple products magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file. local low complexity graphicsmagick debian opensuse CWE-189	5.5
2017-02-03	CVE-2016-2318	NULL Pointer Dereference vulnerability in multiple products GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c. local low complexity graphicsmagick debian suse opensuse CWE-476	5.5