Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVSS Score
7.8
EPSS Score
0.004
Published
2017-03-23
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVSS Score
7.8
EPSS Score
0.005
Published
2017-03-23
xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6394.
CVSS Score
5.9
EPSS Score
0.003
Published
2017-03-23
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check.
CVSS Score
2.7
EPSS Score
0.399
Published
2017-03-20
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
CVSS Score
7.5
EPSS Score
0.021
Published
2017-03-20
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-03-20
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
CVSS Score
9.8
EPSS Score
0.026
Published
2017-03-20
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name.
CVSS Score
6.1
EPSS Score
0.006
Published
2017-03-15
Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
CVSS Score
5.5
EPSS Score
0.006
Published
2017-03-03
The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.
CVSS Score
5.5
EPSS Score
0.013
Published
2017-03-02