Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-15	CVE-2015-8896	Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file. network low complexity imagemagick oracle redhat	6.5
2017-01-30	CVE-2016-2518	Out-of-bounds Read vulnerability in multiple products The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value. network low complexity ntp debian netapp oracle redhat freebsd siemens CWE-125	5.3
2017-01-30	CVE-2015-7977	NULL Pointer Dereference vulnerability in multiple products ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. network high complexity ntp oracle siemens netapp freebsd fedoraproject debian canonical CWE-476	5.9
2016-10-16	CVE-2016-7039	Resource Management Errors vulnerability in multiple products The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666. network low complexity oracle linux CWE-399	7.5
2016-09-30	CVE-2016-0617	Unspecified vulnerability in Oracle Linux 6.0 Unspecified vulnerability in the kernel-uek component in Oracle Linux 6 allows local users to affect availability via unknown vectors. local low complexity oracle	5.5
2016-09-28	CVE-2016-2776	Improper Input Validation vulnerability in multiple products buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. network low complexity oracle isc hp CWE-20	7.5
2016-09-21	CVE-2016-7166	Resource Management Errors vulnerability in multiple products libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file. local low complexity redhat libarchive oracle CWE-399	5.5
2016-09-21	CVE-2016-6250	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow. network low complexity oracle libarchive CWE-190	8.6
2016-09-21	CVE-2016-5844	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file. network low complexity libarchive redhat oracle CWE-190	6.5
2016-09-21	CVE-2016-5418	Data Processing Errors vulnerability in multiple products The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file. network low complexity redhat oracle libarchive CWE-19	7.5