13.2

DATE	CVE	VULNERABILITY TITLE	RISK
2017-02-03	CVE-2016-8568	Out-of-bounds Read vulnerability in multiple products The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. local low complexity fedoraproject suse opensuse libgit2-project CWE-125	5.5
2017-02-03	CVE-2016-5241	Numeric Errors vulnerability in multiple products magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file. network graphicsmagick debian opensuse CWE-189	4.3
2017-02-03	CVE-2016-2318	NULL Pointer Dereference vulnerability in multiple products GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c. network graphicsmagick debian suse opensuse CWE-476	4.3
2017-02-03	CVE-2016-2317	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c. network graphicsmagick debian suse opensuse CWE-119	4.3
2017-01-30	CVE-2015-7976	7PK - Security Features vulnerability in multiple products The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename. network low complexity ntp suse novell opensuse CWE-254	4.0
2017-01-27	CVE-2016-9453	Out-of-bounds Write vulnerability in multiple products The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one. network libtiff opensuse debian CWE-787	6.8
2017-01-27	CVE-2016-9448	NULL Pointer Dereference vulnerability in multiple products The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. network low complexity libtiff opensuse CWE-476	5.0
2017-01-20	CVE-2016-5323	Divide By Zero vulnerability in multiple products The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image. network low complexity libtiff opensuse CWE-369	5.0
2017-01-20	CVE-2016-5317	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file. network libtiff opensuse opensuse-project CWE-119	4.3
2017-01-20	CVE-2016-5316	Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool. network libtiff opensuse opensuse-project CWE-125	4.3