Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-04-19 CVE-2016-7529 Out-of-bounds Read vulnerability in Imagemagick
coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.
network
low complexity
imagemagick CWE-125
6.5
6.5
2017-04-19 CVE-2016-7528 Out-of-bounds Read vulnerability in Imagemagick
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.
network
low complexity
imagemagick CWE-125
6.5
6.5
2017-04-19 CVE-2016-7522 Out-of-bounds Read vulnerability in Imagemagick
The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
network
low complexity
imagemagick CWE-125
6.5
6.5
2017-04-19 CVE-2016-7519 Out-of-bounds Read vulnerability in Imagemagick
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
network
low complexity
imagemagick CWE-125
6.5
6.5
2017-04-19 CVE-2016-7515 Out-of-bounds Read vulnerability in Imagemagick
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.
network
low complexity
imagemagick CWE-125
6.5
6.5
2017-04-19 CVE-2016-5410 Improper Authentication vulnerability in multiple products
firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.
local
low complexity
firewalld redhat CWE-287
5.5
5.5
2017-04-19 CVE-2014-9907 Improper Input Validation vulnerability in Imagemagick
coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file.
network
low complexity
imagemagick CWE-20
6.5
6.5
2017-04-18 CVE-2017-7946 Use After Free vulnerability in Radare Radare2 1.3.0
The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted Mach0 file.
local
low complexity
radare CWE-416
5.5
5.5
2017-04-18 CVE-2017-7943 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
network
low complexity
imagemagick debian CWE-772
6.5
6.5
2017-04-18 CVE-2017-7942 Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.54
The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
network
low complexity
imagemagick CWE-772
6.5
6.5