Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2017
CVE-2016-4571
The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file.
CVSS Score
5.5
EPSS Score
0.008
Published
2017-02-03
CVE-2016-5115
The avcodec_decode_audio4 function in libavcodec in libavformat 57.34.103, as used in MPlayer, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-02-03
CVE-2016-5241
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-02-03
CVE-2016-6163
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-02-03
CVE-2016-8568
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
CVSS Score
5.5
EPSS Score
0.006
Published
2017-02-03
CVE-2016-8569
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
CVSS Score
5.5
EPSS Score
0.007
Published
2017-02-03
CVE-2016-9082
Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-02-03
CVE-2016-9085
Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.
CVSS Score
3.3
EPSS Score
0.001
Published
2017-02-03
CVE-2016-9108
Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression.
CVSS Score
7.5
EPSS Score
0.008
Published
2017-02-03
CVE-2016-9642
JavaScriptCore in WebKit allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-02-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved