CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2016-9957 – Gentoo Linux Security Advisory 201707-02
https://notcve.org/view.php?id=CVE-2016-9957
12 Apr 2017 — Stack-based buffer overflow in game-music-emu before 0.6.1. Desbordamiento de búfer basado en pila en game-music-emu en versiones anteriores a 0.6.1. Multiple vulnerabilities have been found in Game Music Emu, the worst of which could lead to the execution of arbitrary code. Versions are affected. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2016-9958 – Gentoo Linux Security Advisory 201707-02
https://notcve.org/view.php?id=CVE-2016-9958
12 Apr 2017 — game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations. game-music-emu en versiones anteriores a 0.6.1 permite a atacantes remotos escribir en ubicaciones de memoria arbitrarias. Multiple vulnerabilities have been found in Game Music Emu, the worst of which could lead to the execution of arbitrary code. Versions are affected. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2016-9959 – Gentoo Linux Security Advisory 201707-02
https://notcve.org/view.php?id=CVE-2016-9959
12 Apr 2017 — game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. game-music-emu en versiones anteriores a 0.6.1 permite a los atacantes remotos generar valores fuera de los límites de 8 bits. Multiple vulnerabilities have been found in Game Music Emu, the worst of which could lead to the execution of arbitrary code. Versions are affected. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 16EXPL: 0CVE-2014-9846
https://notcve.org/view.php?id=CVE-2014-9846
20 Mar 2017 — Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. Desbordamiento de búfer en la función ReadRLEImage en coders/rle.c en ImageMagick 6.8.9.9 permite a atacantes remotos tener impacto no especificado. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2014-9844 – Ubuntu Security Notice USN-3131-1
https://notcve.org/view.php?id=CVE-2014-9844
21 Nov 2016 — The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. La función ReadRLEImage en coders/rle.c en ImageMagick 6.8.9.9 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo de imagen manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked i... • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2014-9845 – Ubuntu Security Notice USN-3131-1
https://notcve.org/view.php?id=CVE-2014-9845
21 Nov 2016 — The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. La función ReadDIBImage en coders/dib.c en ImageMagick permite a atacantes provocar una denegación de servicio (caída) a través de un archivo dib corrompido. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could explo... • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 5%CPEs: 17EXPL: 0CVE-2016-5131 – libxml2: Use after free triggered by XPointer paths beginning with range-to
https://notcve.org/view.php?id=CVE-2016-5131
23 Jul 2016 — Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. Vulnerabilidad de uso después de liberación de memoria en libxml2 hasta la versión 2.9.4, como se utiliza en Google Chrome en versiones anteriores a 52.0.2743.82, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto ... • http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2016-1696 – chromium-browser: cross-origin bypass in extension bindings
https://notcve.org/view.php?id=CVE-2016-1696
02 Jun 2016 — The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. El subsistema de extensiones en Google Chrome en versiones anteriores a 51.0.2704.79 no restringe adecuadamente accesos vinculantes, lo que permite a atacantes remotos eleduir la Same Origin Policy a través de vectores no especificados. Chromium is an open-source web browser, powered by WebKit. This update upgrades C... • http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html • CWE-254: 7PK - Security Features CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2016-1697 – chromium-browser: cross-origin bypass in blink
https://notcve.org/view.php?id=CVE-2016-1697
02 Jun 2016 — The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. La funciónFrameLoader::startLoad en WebKit/Source/core/loader/FrameLoader.cpp en Blink, como es usada en Google Chrome en versiones anteriores a 51.0.2704.79, no impide marcos de navegación durante las opera... • http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2016-1698 – chromium-browser: information leak in extension bindings
https://notcve.org/view.php?id=CVE-2016-1698
02 Jun 2016 — The createCustomType function in extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.79 does not validate module types, which might allow attackers to load arbitrary modules or obtain sensitive information by leveraging a poisoned definition. La función createCustomType en extensions/renderer/resources/binding.js en las extensiones vinculantes en Google Chrome en versiones anteriores a 51.0.2704.79 no valida los tipos de módulos, lo que podría permitir a atac... • http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •