CVE-2016-9401
- EPSS 0.43%
- Veröffentlicht 23.01.2017 21:59:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
CVE-2015-8971
- EPSS 1.11%
- Veröffentlicht 23.01.2017 21:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that modify the window title and then are written to the terminal, a similar issue to CVE-2003-0063.
CVE-2016-7799
- EPSS 3.57%
- Veröffentlicht 18.01.2017 17:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVE-2016-7906
- EPSS 1.72%
- Veröffentlicht 18.01.2017 17:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.
CVE-2016-9811
- EPSS 2.36%
- Veröffentlicht 13.01.2017 16:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
CVE-2016-2090
- EPSS 3.22%
- Veröffentlicht 13.01.2017 16:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.
CVE-2016-9131
- EPSS 40.56%
- Veröffentlicht 12.01.2017 06:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.
CVE-2016-2377
- EPSS 2.67%
- Veröffentlicht 06.01.2017 21:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte. A malicious server can send a negative content-lengt...
CVE-2016-2378
- EPSS 2.52%
- Veröffentlicht 06.01.2017 21:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting in memory corruption. A malicious server or an unfilte...
CVE-2016-2380
- EPSS 1.76%
- Veröffentlicht 06.01.2017 21:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent to the server could potentially result in an out-of-bounds read. A user could be convinced to enter a particular string which would then get c...