CVE-2015-3146
- EPSS 3.91%
- Veröffentlicht 13.04.2016 17:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted S...
CVE-2016-3982
- EPSS 3.97%
- Veröffentlicht 13.04.2016 16:59:24
- Zuletzt bearbeitet 06.05.2026 22:30:45
Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, whi...
CVE-2016-3981
- EPSS 4.43%
- Veröffentlicht 13.04.2016 16:59:23
- Zuletzt bearbeitet 06.05.2026 22:30:45
Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image ...
CVE-2016-2191
- EPSS 3.52%
- Veröffentlicht 13.04.2016 16:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.
CVE-2015-8552
- EPSS 0.45%
- Veröffentlicht 13.04.2016 15:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption)...
CVE-2015-7545
- EPSS 20.14%
- Veröffentlicht 13.04.2016 15:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execut...
CVE-2016-2116
- EPSS 2.98%
- Veröffentlicht 13.04.2016 14:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.
CVE-2016-1577
- EPSS 3.27%
- Veröffentlicht 13.04.2016 14:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, ...
CVE-2014-9766
- EPSS 5.57%
- Veröffentlicht 13.04.2016 14:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via large height and stride values.
CVE-2016-2118
- EPSS 36.93%
- Veröffentlicht 12.04.2016 23:59:37
- Zuletzt bearbeitet 06.05.2026 22:30:45
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersona...