CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2014-9852
https://notcve.org/view.php?id=CVE-2014-9852
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors. distribute-cache.c en ImageMagick vuelve a usar objetos después de haberlos destruido, lo que permite a atacantes remotos tener un impacto no especificado a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://www.openwall.com/lists/oss-security/2016/06/02/13 https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=37ec7d53dcb99fbd1f5c33442594d5e279630563 https://bugzilla.redhat.com/show_bug.cgi?id=1343512 • CWE-913: Improper Control of Dynamically-Managed Code Resources •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2016-8568
https://notcve.org/view.php?id=CVE-2016-8568
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. La función git_commit_message en oid.c en libgit2 en versiones anteriores a 0.24.3 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un comando cat-file con un archivo de objeto manipulado. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00075.html http://lists.opensuse.org/opensuse-updates/2017-01/msg00103.html http://lists.opensuse.org/opensuse-updates/2017-01/msg00110.html http://lists.opensuse.org/opensuse-updates/2017-01/msg00114.html http://www.openwall.com/lists/oss-security/2016/10/08/7 http://www.securityfocus.com/bid/93466 https://bugzilla.redhat.com/show_bug.cgi?id=1383211 https://github.com/libgit2/libgit2/issues/3936 https://github.com/libgit2 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2016-8569
https://notcve.org/view.php?id=CVE-2016-8569
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file. La función git_oid_nfmt en commit.c en libgit2 en versiones anteriores a 0.24.3 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL) a través de un comando cat-file con un archivo de objeto manipulado. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00075.html http://lists.opensuse.org/opensuse-updates/2017-01/msg00103.html http://lists.opensuse.org/opensuse-updates/2017-01/msg00110.html http://lists.opensuse.org/opensuse-updates/2017-01/msg00114.html http://www.openwall.com/lists/oss-security/2016/10/08/7 http://www.securityfocus.com/bid/93465 https://bugzilla.redhat.com/show_bug.cgi?id=1383211 https://github.com/libgit2/libgit2/issues/3937 https://github.com/libgit2 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 1%CPEs: 7EXPL: 0CVE-2016-2317
https://notcve.org/view.php?id=CVE-2016-2317
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c. Múltiples desbordamientos de búfer en GraphicsMagick 1.3.23 permiten a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo SVG manipulado, relacionado con (1) la función TracePoint en magick/render.c, (2) función GetToken en magick/utility.c, y (3) función GetTransformTokens en coders/svg.c. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html http://www.debian.org/security/2016/dsa-3746 http://www.openwall.com/lists/oss-security/2016/02/11/6 http://www.openwall.com/lists/oss-security/2016/05/20/4 http://www.openwall.com/lists/oss-security/2016/05/27/4 http://www.openwall.com/lists/oss& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 1%CPEs: 7EXPL: 0CVE-2016-2318
https://notcve.org/view.php?id=CVE-2016-2318
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c. GraphicsMagick 1.3.23 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL) a través de un archivo SVG manipulado, relacionado con (1) la función DrawImage en magick/render.c, (2) función SVGStartElement en coders/svg.c, y (3) función TraceArcPath en magick/render.c. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html http://www.debian.org/security/2016/dsa-3746 http://www.openwall.com/lists/oss-security/2016/02/11/6 http://www.openwall.com/lists/oss-security/2016/05/27/4 http://www.openwall.com/lists/oss-security/2016/05/31/3 http://www.openwall.com/lists/oss& • CWE-476: NULL Pointer Dereference •