Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-03-24 CVE-2017-5506 Double Free vulnerability in multiple products
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
local
low complexity
imagemagick debian CWE-415
7.8
7.8
2017-03-24 CVE-2017-5335 Out-of-bounds Read vulnerability in multiple products
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.
network
low complexity
opensuse gnu CWE-125
7.5
7.5
2017-03-24 CVE-2016-7797 7PK - Security Features vulnerability in multiple products
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection. 		7.5
7.5
2017-03-24 CVE-2016-2225 Resource Exhaustion vulnerability in Uclibc-Ng Project Uclibc-Ng
The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via a crafted packet.
network
low complexity
uclibc-ng-project CWE-400
7.5
7.5
2017-03-24 CVE-2016-2224 Resource Exhaustion vulnerability in Uclibc-Ng Project Uclibc-Ng
The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via vectors involving compressed items in a reply.
network
low complexity
uclibc-ng-project CWE-400
7.5
7.5
2017-03-24 CVE-2016-10146 Resource Management Errors vulnerability in Imagemagick
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
network
low complexity
imagemagick CWE-399
7.5
7.5
2017-03-24 CVE-2016-10132 NULL Pointer Dereference vulnerability in multiple products
regexp.c in Artifex Software, Inc.
network
low complexity
artifex fedoraproject CWE-476
7.5
7.5
2017-03-24 CVE-2016-10129 NULL Pointer Dereference vulnerability in Libgit2 Project Libgit2 0.25.0
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line.
network
low complexity
libgit2-project CWE-476
7.5
7.5
2017-03-24 CVE-2017-6087 OS Command Injection vulnerability in Eonweb Project Eonweb
EyesOfNetwork ("EON") 5.0 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the selected_events[] parameter in the (1) acknowledge, (2) delete, or (3) ownDisown function in module/monitoring_ged/ged_functions.php or the (4) module parameter to module/index.php.
network
low complexity
eonweb-project CWE-78
8.8
8.8
2017-03-24 CVE-2017-5869 Path Traversal vulnerability in Nuxeo
Directory traversal vulnerability in the file import feature in Nuxeo Platform 6.0, 7.1, 7.2, and 7.3 allows remote authenticated users to upload and execute arbitrary JSP code via a ..
network
low complexity
nuxeo CWE-22
8.8
8.8