CVE-2016-4476
- EPSS 2.86%
- Veröffentlicht 09.05.2016 10:59:41
- Zuletzt bearbeitet 06.05.2026 22:30:45
hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.
CVE-2015-8868
- EPSS 4.56%
- Veröffentlicht 06.05.2016 17:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mo...
CVE-2016-4008
- EPSS 29.57%
- Veröffentlicht 05.05.2016 18:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.
CVE-2016-3718
- EPSS 76.9%
- Veröffentlicht 05.05.2016 18:59:08
- Zuletzt bearbeitet 22.04.2026 14:35:42
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
CVE-2016-3717
- EPSS 20.44%
- Veröffentlicht 05.05.2016 18:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
CVE-2016-3716
- EPSS 11.34%
- Veröffentlicht 05.05.2016 18:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
CVE-2016-3715
- EPSS 75.38%
- Veröffentlicht 05.05.2016 18:59:04
- Zuletzt bearbeitet 22.04.2026 14:35:10
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
- EPSS 97.49%
- Veröffentlicht 05.05.2016 18:59:03
- Zuletzt bearbeitet 21.04.2026 19:14:46
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "I...
CVE-2016-2107
- EPSS 89.06%
- Veröffentlicht 05.05.2016 01:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against...
CVE-2016-2105
- EPSS 39.65%
- Veröffentlicht 05.05.2016 01:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.