Lucene search
1329 matches found

AlpineLinux
added 2017/08/24 8:00 p.m., 29 views

CVE-2014-4616

Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function...

CVSS 5.9, AI score 6.1, EPSS 0.00427
Exploits: 1
Prion
added 2017/08/23 6:29 a.m., 19 views

Information disclosure

In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory...

CVSS 5, AI score 8, EPSS 0.00313
Exploits: 0, References: 7, Affected Software: 1
NVD
added 2017/08/23 6:29 a.m., 11 views

CVE-2017-13143

In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory...

CVSS 7.5, AI score 8.2, EPSS 0.00313
Exploits: 0, References: 7
OSV
added 2017/08/23 6:29 a.m., 14 views

CVE-2017-13143

In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory...

CVSS 7.5, AI score 9.1
Exploits: 0, References: 7
CVE
added 2017/08/23 6:00 a.m., 98 views

CVE-2017-13143

CVE-2017-13143: ImageMagick reads MAT files using ReadMATImage in coders/mat.c with uninitialized data, potentially exposing sensitive memory. Affected: ImageMagick 6.x up to 6.9.7-6 and 7.x up to 7.0.4-6. Mitigation/remediation details are not provided in the documents; upgrade to patched releas...

CVSS 7.5, AI score 7.3, EPSS 0.00313
Exploits: 0, References: 7, Affected Software: 1
Debian CVE
added 2017/08/23 6:00 a.m., 29 views

CVE-2017-13143

In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory...

CVSS 7.5, AI score 7.9, EPSS 0.00313
Exploits: 0
UbuntuCve
added 2017/08/23 12:00 a.m., 24 views

CVE-2017-13143

In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory...

CVSS 7.5, AI score 7.1, EPSS 0.00313
Exploits: 0, References: 2
RedhatCVE
added 2017/07/26 9:53 a.m., 18 views

CVE-2017-5102

Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVSS 6.5, AI score 2.8, EPSS 0.00682
Exploits: 0, References: 2
RedhatCVE
added 2017/07/26 9:53 a.m., 21 views

CVE-2017-5103

Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVSS 6.5, AI score 2.7, EPSS 0.00682
Exploits: 0, References: 2
Tenable Nessus
added 2017/07/24 12:00 a.m., 33 views

F5 Networks BIG-IP : Python and Jython vulnerability (K78825687)

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a 'buffer' function. CVE-2014-7185 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

CVSS 6.4, AI score 7.5, EPSS 0.01134
Exploits: 1, References: 2
OSV
added 2017/07/17 1:18 p.m., 16 views

CVE-2017-0196

An information disclosure vulnerability in Microsoft scripting engine allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."...

CVSS 6.5, AI score 5.9
Exploits: 0, References: 1
Prion
added 2017/07/17 1:18 p.m., 14 views

Information disclosure

An information disclosure vulnerability in Microsoft scripting engine allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."...

CVSS 4.3, AI score 5.8, EPSS 0.19086
Exploits: 0, References: 1
Cvelist
added 2017/07/14 6:00 p.m., 20 views

CVE-2017-0196

An information disclosure vulnerability in Microsoft scripting engine allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."...

AI score 6, EPSS 0.19086
Exploits: 0, References: 1
Prion
added 2017/07/05 11:29 a.m., 23 views

Heap overflow

In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue...

CVSS 6.8, AI score 8.8, EPSS 0.01184
Exploits: 1, References: 2, Affected Software: 1
UbuntuCve
added 2017/07/05 12:00 a.m., 26 views

CVE-2017-10928

In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue...

CVSS 8.8, AI score 7, EPSS 0.01184
Exploits: 1, References: 2
Veracode
added 2017/06/12 5:50 a.m., 77 views

Out-Of-Bounds Write Vulnerability

MuPDF is vulnerable to an out-of-bounds write vulnerability. A flaw in the glyph scaling code leads to an overwrite of heap metadata and sensitive process memory when an attacker opens a malicious file in a vulnerable reader. This vulnerability also potentially results in code execution...

CVSS 8.6, AI score 7.7, EPSS 0.00313
Exploits: 1, References: 3, Affected Software: 1
NVD
added 2017/06/06 9:29 p.m., 15 views

CVE-2017-9465

The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a crafted file that is mishandled in the yr_re_fast_exec function in libyara/re.c and the _yr_scan_match_callbac...

CVSS 7.1, AI score 6.8, EPSS 0.00132
Exploits: 1, References: 2
UbuntuCve
added 2017/06/06 9:29 p.m., 15 views

CVE-2017-9465

The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a crafted file that is mishandled in the yr_re_fast_exec function in libyara/re.c and the _yr_scan_match_callbac...

CVSS 7.1, AI score 7.1, EPSS 0.00132
Exploits: 1, References: 3
Debian
added 2017/05/26 1:08 p.m., 45 views

[SECURITY] [DLA 953-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.16-1.1+deb7u7 CVE ID : CVE-2017-9098 Debian Bug : 862967 Chris Evans discovered that graphicsmagick used uninitialized memory in the RLE decoder, allowing a remote attacker to leak sensitive information from process memory space. More information are...

CVSS 7.5, AI score 8.1, EPSS 0.01506
Exploits: 1
OSV
added 2017/05/23 1:38 p.m., 8 views

SUSE-SU-2017:1379-1 Security update for libplist

This update for libplist fixes the following issues: - CVE-2017-5209: The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data (bsc#1019531). - CVE-2017-5545: T...

CVSS 9.1, AI score 6.7, EPSS 0.0063
Exploits: 1, References: 15