Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2016-12-13 CVE-2016-6491 Out-of-bounds Read vulnerability in multiple products
Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.
network
low complexity
imagemagick oracle CWE-125
8.8
8.8
2016-12-13 CVE-2016-5842 Out-of-bounds Read vulnerability in multiple products
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
network
low complexity
imagemagick oracle CWE-125
7.5
7.5
2016-12-13 CVE-2016-5688 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.
network
high complexity
oracle imagemagick CWE-119
8.1
8.1
2016-12-12 CVE-2016-9937 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Digium Asterisk
An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x before 13.13.1 and 14.x before 14.2.1.
network
low complexity
digium CWE-119
7.5
7.5
2016-12-12 CVE-2016-9429 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tats W3M
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31.
network
low complexity
tats CWE-119
8.8
8.8
2016-12-12 CVE-2016-9428 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tats W3M
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31.
network
low complexity
tats CWE-119
8.8
8.8
2016-12-12 CVE-2016-9426 Integer Overflow or Wraparound vulnerability in Tats W3M
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31.
network
low complexity
tats CWE-190
8.8
8.8
2016-12-12 CVE-2016-9425 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tats W3M
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31.
network
low complexity
tats CWE-119
8.8
8.8
2016-12-12 CVE-2016-9424 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tats W3M
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31.
network
low complexity
tats CWE-119
8.8
8.8
2016-12-12 CVE-2016-9423 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tats W3M
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31.
network
low complexity
tats CWE-119
8.8
8.8