CVE-2017-5991
- EPSS 15.18%
- Veröffentlicht 15.02.2017 06:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and...
CVE-2016-3616
- EPSS 4.39%
- Veröffentlicht 13.02.2017 18:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
CVE-2017-3302
- EPSS 4.91%
- Veröffentlicht 12.02.2017 04:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
CVE-2017-5847
- EPSS 3.73%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.
CVE-2017-5848
- EPSS 4.43%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.
CVE-2016-2147
- EPSS 8.06%
- Veröffentlicht 09.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.
CVE-2016-2148
- EPSS 28.43%
- Veröffentlicht 09.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.
CVE-2016-7446
- EPSS 3.99%
- Veröffentlicht 06.02.2017 17:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.
CVE-2016-7447
- EPSS 4.02%
- Veröffentlicht 06.02.2017 17:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.
CVE-2016-7448
- EPSS 3.85%
- Veröffentlicht 06.02.2017 17:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.