Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2012-07-03	CVE-2012-0876	Resource Exhaustion vulnerability in multiple products The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value. network libexpat-project python debian canonical oracle redhat CWE-400	4.3
2012-06-17	CVE-2012-0037	XXE vulnerability in multiple products Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. network low complexity librdf libreoffice apache fedoraproject redhat debian CWE-611	6.5
2012-06-09	CVE-2012-2038	Information Exposure vulnerability in multiple products Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. network adobe opensuse suse redhat CWE-200	4.3
2012-06-05	CVE-2012-1798	Out-Of-Bounds Read vulnerability in Imagemagick The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image. network imagemagick debian redhat opensuse CWE-125	4.3
2012-06-05	CVE-2012-0260	Resource Exhaustion vulnerability in Imagemagick The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers. network imagemagick canonical debian redhat opensuse CWE-400	4.3
2012-06-05	CVE-2012-0248	Infinite Loop vulnerability in Imagemagick ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF. network imagemagick debian canonical redhat CWE-835	4.3
2012-06-05	CVE-2012-0247	Improper Input Validation vulnerability in Imagemagick ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image. network imagemagick debian canonical redhat CWE-20	6.8
2012-05-03	CVE-2012-1690	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703. network low complexity oracle mariadb redhat	4.0
2012-05-03	CVE-2012-1688	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML. network low complexity oracle mariadb redhat	4.0
2011-03-15	CVE-2011-0695	Race Condition vulnerability in multiple products Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference. linux redhat canonical CWE-362	5.7