Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-01 CVE-2017-6353 Double Free vulnerability in Linux Kernel
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application.
local
low complexity
linux CWE-415
5.5
5.5
2017-03-01 CVE-2017-6348 Unspecified vulnerability in Linux Kernel
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.
local
low complexity
linux
5.5
5.5
2017-03-01 CVE-2016-9830 Improper Input Validation vulnerability in multiple products
The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.
local
low complexity
graphicsmagick debian opensuse CWE-20
5.5
5.5
2017-03-01 CVE-2017-5981 Reachable Assertion vulnerability in Zziplib Project Zziplib 0.13.62
seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion failure and crash) via a crafted ZIP file.
local
low complexity
zziplib-project CWE-617
5.5
5.5
2017-03-01 CVE-2017-5980 NULL Pointer Dereference vulnerability in Zziplib Project Zziplib 0.13.62
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.
local
low complexity
zziplib-project CWE-476
5.5
5.5
2017-03-01 CVE-2017-5979 NULL Pointer Dereference vulnerability in Zziplib Project Zziplib 0.13.62
The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.
local
low complexity
zziplib-project CWE-476
5.5
5.5
2017-03-01 CVE-2017-5978 Out-of-bounds Read vulnerability in Zziplib Project Zziplib 0.13.62
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ZIP file.
local
low complexity
zziplib-project CWE-125
5.5
5.5
2017-03-01 CVE-2017-5977 Out-of-bounds Read vulnerability in Zziplib Project Zziplib 0.13.62
The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file.
local
low complexity
zziplib-project CWE-125
5.5
5.5
2017-03-01 CVE-2017-5976 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
local
low complexity
zziplib-project debian CWE-787
5.5
5.5
2017-03-01 CVE-2017-5975 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
local
low complexity
zziplib-project debian CWE-787
5.5
5.5