Total
2132 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-6299 | 2 Fedoraproject, Mock Project | 2 Fedora, Scm Plugin | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. | |||||
CVE-2016-10132 | 2 Artifex, Fedoraproject | 2 Mujs, Fedora | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation. | |||||
CVE-2016-9446 | 3 Fedoraproject, Gstreamer Project, Redhat | 8 Fedora, Gstreamer, Enterprise Linux Desktop and 5 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas. | |||||
CVE-2016-7970 | 2 Fedoraproject, Libass Project | 2 Fedora, Libass | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors. | |||||
CVE-2016-7972 | 3 Fedoraproject, Libass Project, Opensuse | 4 Fedora, Libass, Leap and 1 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors. | |||||
CVE-2016-7952 | 2 Fedoraproject, X.org | 2 Fedora, Libxtst | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data. | |||||
CVE-2016-9397 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. | |||||
CVE-2017-5357 | 2 Fedoraproject, Gnu | 2 Fedora, Ed | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free. | |||||
CVE-2017-5330 | 2 Fedoraproject, Kde | 2 Fedora, Ark | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications. | |||||
CVE-2016-6866 | 2 Fedoraproject, Suckless | 2 Fedora, Slock | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash. | |||||
CVE-2016-0720 | 3 Clusterlabs, Fedoraproject, Redhat | 3 Pcs, Fedora, Enterprise Linux | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. | |||||
CVE-2014-9114 | 3 Fedoraproject, Kernel, Opensuse | 3 Fedora, Util-linux, Opensuse | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. | |||||
CVE-2016-5177 | 5 Debian, Fedoraproject, Google and 2 more | 7 Debian Linux, Fedora, Chrome and 4 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2016-9398 | 4 Fedoraproject, Jasper Project, Opensuse and 1 more | 6 Fedora, Jasper, Leap and 3 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. | |||||
CVE-2017-5884 | 2 Fedoraproject, Gnome | 2 Fedora, Gtk-vnc | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile. | |||||
CVE-2016-7946 | 2 Fedoraproject, X.org | 2 Fedora, Libxi | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields. | |||||
CVE-2017-6313 | 3 Debian, Fedoraproject, Gnome | 3 Debian Linux, Fedora, Gdk-pixbuf | 2023-12-10 | 5.8 MEDIUM | 7.1 HIGH |
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file. | |||||
CVE-2016-9399 | 3 Fedoraproject, Jasper Project, Opensuse | 3 Fedora, Jasper, Leap | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. | |||||
CVE-2016-9243 | 3 Canonical, Cryptography.io, Fedoraproject | 3 Ubuntu Linux, Cryptography, Fedora | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size. | |||||
CVE-2016-2334 | 3 7-zip, Fedoraproject, Oracle | 3 7-zip, Fedora, Solaris | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image. |