Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  >> Fedora  >> 24  Security Vulnerabilities
CVE-2016-9956
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script.
CVSS Score
7.5
EPSS Score
0.019
Published
2017-02-22
CVE-2016-4861
The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework before 1.12.20 might allow remote attackers to conduct SQL injection attacks by leveraging failure to remove comments from an SQL statement before validation.
CVSS Score
9.8
EPSS Score
0.04
Published
2017-02-17
CVE-2016-6233
The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework before 1.12.19 might allow remote attackers to conduct SQL injection attacks via vectors related to use of the character pattern [\w]* in a regular expression.
CVSS Score
9.8
EPSS Score
0.017
Published
2017-02-17
CVE-2016-6866
slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-02-15
CVE-2013-7459
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.
CVSS Score
9.8
EPSS Score
0.134
Published
2017-02-15
CVE-2016-4796
Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.
CVSS Score
5.5
EPSS Score
0.003
Published
2017-02-03
CVE-2016-4797
Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for CVE-2014-7947.
CVSS Score
5.5
EPSS Score
0.005
Published
2017-02-03
CVE-2016-8568
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
CVSS Score
5.5
EPSS Score
0.006
Published
2017-02-03
CVE-2016-8569
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
CVSS Score
5.5
EPSS Score
0.007
Published
2017-02-03
CVE-2016-9085
Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.
CVSS Score
3.3
EPSS Score
0.001
Published
2017-02-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved