Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-01 | CVE-2016-9823 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav 11.8 libavcodec/x86/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | 5.5 |
| 2017-03-01 | CVE-2016-9822 | Integer Overflow or Wraparound vulnerability in Libav 11.8 Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | 5.5 |
| 2017-03-01 | CVE-2016-9821 | Integer Overflow or Wraparound vulnerability in Libav 11.8 Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | 5.5 |
| 2017-03-01 | CVE-2016-9820 | Numeric Errors vulnerability in Libav 11.8 libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | 5.5 |
| 2017-03-01 | CVE-2016-9819 | Numeric Errors vulnerability in Libav 11.8 libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | 5.5 |
| 2017-03-01 | CVE-2016-9559 | NULL Pointer Dereference vulnerability in multiple products coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image. | 6.5 |
| 2017-03-01 | CVE-2016-8508 | 7PK - Security Features vulnerability in Yandex Browser Yandex Browser for desktop before 17.1.1.227 does not show Protect (similar to Safebrowsing in Chromium) warnings in web-sites with special content-type, which could be used by remote attacker for prevention Protect warning on own malicious web-site. | 6.5 |
| 2017-03-01 | CVE-2016-8507 | Information Exposure vulnerability in Yandex Browser Yandex Browser for iOS before 16.10.0.2357 does not properly restrict processing of facetime:// URLs, which allows remote attackers to initiate facetime-call without user's approval and obtain video and audio data from a device via a crafted web site. | 6.5 |
| 2017-03-01 | CVE-2016-10095 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff 4.0.7 Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c in LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7 and 4.0.8 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file. | 5.5 |
| 2017-02-28 | CVE-2016-9261 | Cross-site Scripting vulnerability in Tenable LOG Correlation Engine 4.8.0 Cross-site scripting (XSS) vulnerability in Tenable Log Correlation Engine (aka LCE) before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |