|
256891
|
7.5 |
HIGH
Network
|
jasper_project
|
jasper
|
The jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 allows remote attackers to cause a denial of service (assertion failure) via a very large integer.
|
NVD-CWE-Other
|
CVE-2016-9391
|
2024-11-21 12:01 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256892
|
5.5 |
MEDIUM
Local
|
jasper_project
|
jasper
|
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.
|
CWE-20
Improper Input Validation
|
CVE-2016-9390
|
2024-11-21 12:01 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256893
|
7.5 |
HIGH
Network
|
jasper_project
|
jasper
|
The jpc_irct and jpc_iict functions in jpc_mct.c in JasPer before 1.900.14 allow remote attackers to cause a denial of service (assertion failure).
|
NVD-CWE-Other
|
CVE-2016-9389
|
2024-11-21 12:01 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256894
|
5.5 |
MEDIUM
Local
|
jasper_project
canonical
|
jasper
ubuntu_linux
|
The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.
|
CWE-617
Reachable Assertion
|
CVE-2016-9388
|
2024-11-21 12:01 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256895
|
7.8 |
HIGH
Local
|
jasper_project
|
jasper
|
Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an asse…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-9387
|
2024-11-21 12:01 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256896
|
7.8 |
HIGH
Local
|
debian
canonical
apache
|
debian_linux
ubuntu_linux
tomcat
|
The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45+dfsg-1~deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 L…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-9775
|
2024-11-21 12:01 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256897
|
7.8 |
HIGH
Local
|
debian
canonical
apache
|
debian_linux
ubuntu_linux
tomcat
|
The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7…
|
CWE-59
Link Following
|
CVE-2016-9774
|
2024-11-21 12:01 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256898
|
3.1 |
LOW
Network
|
ibm
|
rational_rhapsody_design_manager
|
An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 could allow an attacker to perform a JSON Hijacking Attack. A JSON Hijacking Attack may expose to an attacker information passed betw…
|
CWE-200
Information Exposure
|
CVE-2016-9697
|
2024-11-21 12:01 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256899
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_rhapsody_design_manager
|
IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the secu…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9696
|
2024-11-21 12:01 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256900
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_rhapsody_design_manager
|
IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9694
|
2024-11-21 12:01 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
