Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-04 | CVE-2016-10318 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service. | 6.5 |
| 2017-04-03 | CVE-2017-7400 | Cross-site Scripting vulnerability in Openstack Horizon OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping. | 4.8 |
| 2017-04-03 | CVE-2017-7383 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | 5.5 |
| 2017-04-03 | CVE-2017-7382 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | 5.5 |
| 2017-04-03 | CVE-2017-7381 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | 5.5 |
| 2017-04-03 | CVE-2017-7380 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | 5.5 |
| 2017-04-03 | CVE-2017-7379 | Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5 The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document. | 5.5 |
| 2017-04-03 | CVE-2017-7378 | Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5 The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document. | 5.5 |
| 2017-04-03 | CVE-2017-5951 | NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20 The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. | 5.5 |
| 2017-04-03 | CVE-2017-5950 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Yaml-Cpp Project Yaml-Cpp 0.5.3 The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file. | 5.5 |