5 matches found
DEBIAN-CVE-2016-8685
The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service invalid memory access and crash via a crafted BMP image...
DEBIAN-CVE-2016-6582
The Doorkeeper gem before 4.2.0 for Ruby might allow remote attackers to conduct replay attacks or revoke arbitrary tokens by leveraging failure to implement the OAuth 2.0 Token Revocation specification...
DEBIAN-CVE-2016-2175
Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted PDF...
DEBIAN-CVE-2016-1969
The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact via a crafted Graphite smart font...
DEBIAN-CVE-2016-2330
libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via a crafted .tga file, related to the gifimagewriteimage, gifencodeinit, and...