Shodan
Vulnerabilities
Vulnerable Software
Opensuse:  Security Vulnerabilities
CVE-2016-7449
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
CVSS Score
7.5
EPSS Score
0.033
Published
2017-02-06
CVE-2016-7800
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
CVSS Score
7.5
EPSS Score
0.022
Published
2017-02-06
CVE-2016-10165
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
CVSS Score
7.1
EPSS Score
0.009
Published
2017-02-03
CVE-2016-2317
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-02-03
CVE-2016-2318
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-02-03
CVE-2016-5241
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-02-03
CVE-2016-8568
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
CVSS Score
5.5
EPSS Score
0.006
Published
2017-02-03
CVE-2016-8569
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
CVSS Score
5.5
EPSS Score
0.007
Published
2017-02-03
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.
CVSS Score
4.3
EPSS Score
0.027
Published
2017-01-30
CVE-2016-9448
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297.
CVSS Score
7.5
EPSS Score
0.016
Published
2017-01-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved