16 matches found
DEBIAN-CVE-2016-10907
An issue was discovered in drivers/iio/dac/ad5755.c in the Linux kernel before 4.8.6. There is an out of bounds write in the function ad5755parsedt...
DEBIAN-CVE-2016-10371
The TIFFWriteDirectoryTagCheckedRational function in tifdirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service assertion failure and application exit via a crafted TIFF file...
DEBIAN-CVE-2016-2347
Integer underflow in the decodelevel3header function in lib/lhafileheader.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive...
DEBIAN-CVE-2016-10051
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service application crash or have other unspecified impact via a crafted file...
DEBIAN-CVE-2016-10171
The unreorderchannels function in cli/wvunpack.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted WV file...
DEBIAN-CVE-2016-10204
SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...
DEBIAN-CVE-2016-5102
Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service segmentation fault via a crafted gif file...
DEBIAN-CVE-2016-7996
Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries...
DEBIAN-CVE-2016-7555
The avireadheader function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has a crafted "strh" structure...
DEBIAN-CVE-2016-6607
XSS issues were discovered in phpMyAdmin. This affects Zoom search specially crafted column content can be used to trigger an XSS attack; GIS editor certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack; Relation view; the following...
DEBIAN-CVE-2016-9918
In BlueZ 5.42, an out-of-bounds read was identified in "packethexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash...
DEBIAN-CVE-2016-7175
epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet...
DEBIAN-CVE-2016-5699
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython aka Python before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL...
DEBIAN-CVE-2016-4591
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors...
DEBIAN-CVE-2016-4472
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and...
DEBIAN-CVE-2016-2793
CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...