CVE-2016-6163
https://notcve.org/view.php?id=CVE-2016-6163
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.
• http://www.openwall.com/lists/oss-security/2016/07/04/3
• http://www.openwall.com/lists/oss-security/2016/07/05/9
• https://bugzilla.redhat.com/show_bug.cgi?id=1353520
• CWE-125: Out-of-bounds Read
CVE-2016-9888
https://notcve.org/view.php?id=CVE-2016-9888
An error within the "tar_directory_for_file()" function (gsf-infile-tar.c) in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file.
• http://www.securityfocus.com/bid/94860
• https://github.com/GNOME/libgsf/commit/95a8351a75758cf10b3bf6abae0b6b461f90d9e5
• https://lists.debian.org/debian-lts-announce/2020/04/msg00016.html
• https://secunia.com/advisories/71201
• https://secunia.com/secunia_research/2016-17
• CWE-476: NULL Pointer Dereference
CVE-2016-1000033
https://notcve.org/view.php?id=CVE-2016-1000033
Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.
• https://bugzilla.gnome.org/show_bug.cgi?id=754488
• CWE-295: Improper Certificate Validation
CVE-2016-6352
https://notcve.org/view.php?id=CVE-2016-6352
The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.
• http://lists.opensuse.org/opensuse-updates/2016-09/msg00040.html
• http://www.openwall.com/lists/oss-security/2016/07/13/11
• http://www.openwall.com/lists/oss-security/2016/07/26/11
• http://www.ubuntu.com/usn/USN-3085-1
• https://bugzilla.gnome.org/show_bug.cgi?id=769170
• https://git.gnome.org/browse/gdk-pixbuf/commit/?id=88af50a864195da1a4f7bda5f02539704fbda599
• https://git.gnome.org/browse/gdk-pixbuf/tree/NEWS?id=640134c46221689d263369872937192e4484c83b
• https://lists.debian.org/debian-lts
• CWE-787: Out-of-bounds Write
CVE-2016-6855 – Eye of Gnome 3.10.2 - GMarkup Out of Bounds Write
https://notcve.org/view.php?id=CVE-2016-6855
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup. Gnome Eye of Gnome version 3.10.2 suffers from an out-of-bounds write vulnerability.
• https://www.exploit-db.com/exploits/40291
• http://lists.opensuse.org/opensuse-updates/2016-09/msg00021.html
• http://packetstormsecurity.com/files/138486/Gnome-Eye-Of-Gnome-3.10.2-Out-Of-Bounds-Write.html
• http://www.securityfocus.com/bid/92616
• http://www.ubuntu.com/usn/USN-3069-1
• https://bugzilla.gnome.org/show_bug.cgi?id=770143
• https://git.gnome.org/browse/eog/commit/?id=e99a8c00f959652fe7c10e2fa5a3a7a5c25e6af4
• https://git.gnome.org/browse/eog/plain/NEWS?h=3.16.5
• https:/&
• CWE-787: Out-of-bounds Write