CVE-2016-2177
- EPSS 44.51%
- Veröffentlicht 20.06.2016 01:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveragi...
- EPSS 49.98%
- Veröffentlicht 10.06.2016 15:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
CVE-2016-3627
- EPSS 7.03%
- Veröffentlicht 17.05.2016 14:08:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML doc...
CVE-2016-3718
- EPSS 76.9%
- Veröffentlicht 05.05.2016 18:59:08
- Zuletzt bearbeitet 22.04.2026 14:35:42
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
CVE-2016-3715
- EPSS 75.38%
- Veröffentlicht 05.05.2016 18:59:04
- Zuletzt bearbeitet 22.04.2026 14:35:10
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
CVE-2016-4085
- EPSS 3.03%
- Veröffentlicht 25.04.2016 10:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long st...
CVE-2016-4082
- EPSS 2.4%
- Veröffentlicht 25.04.2016 10:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and appl...
CVE-2016-4079
- EPSS 2.17%
- Veröffentlicht 25.04.2016 10:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via ...
CVE-2016-3465
- EPSS 0.34%
- Veröffentlicht 21.04.2016 11:00:43
- Zuletzt bearbeitet 06.05.2026 22:30:45
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to ZFS.
CVE-2016-3462
- EPSS 0.34%
- Veröffentlicht 21.04.2016 11:00:40
- Zuletzt bearbeitet 06.05.2026 22:30:45
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Network Configuration Service.