Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-03-24 CVE-2017-7243 NULL Pointer Dereference vulnerability in Eclipse Tinydtls 0.8.2
Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial of service (DTLS peer crash) by sending a "Change cipher spec" packet without pre-handshake.
network
low complexity
eclipse CWE-476
7.5
7.5
2017-03-24 CVE-2017-7240 Path Traversal vulnerability in Miele Professional Pst10 Webserver
An issue was discovered on Miele Professional PST10 devices.
network
low complexity
miele-professional CWE-22
7.5
7.5
2017-03-24 CVE-2017-5510 Out-of-bounds Write vulnerability in multiple products
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
local
low complexity
imagemagick debian CWE-787
7.8
7.8
2017-03-24 CVE-2017-5509 Out-of-bounds Write vulnerability in Imagemagick
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
local
low complexity
imagemagick CWE-787
7.8
7.8
2017-03-24 CVE-2017-5507 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
network
low complexity
imagemagick debian CWE-772
7.5
7.5
2017-03-24 CVE-2017-5506 Double Free vulnerability in multiple products
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
local
low complexity
imagemagick debian CWE-415
7.8
7.8
2017-03-24 CVE-2017-5335 Out-of-bounds Read vulnerability in multiple products
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.
network
low complexity
opensuse gnu CWE-125
7.5
7.5
2017-03-24 CVE-2016-7797 7PK - Security Features vulnerability in multiple products
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection. 		7.5
7.5
2017-03-24 CVE-2016-2225 Resource Exhaustion vulnerability in Uclibc-Ng Project Uclibc-Ng
The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via a crafted packet.
network
low complexity
uclibc-ng-project CWE-400
7.5
7.5
2017-03-24 CVE-2016-2224 Resource Exhaustion vulnerability in Uclibc-Ng Project Uclibc-Ng
The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via vectors involving compressed items in a reply.
network
low complexity
uclibc-ng-project CWE-400
7.5
7.5