|
267831
|
5.5 |
MEDIUM
Local
|
qt
|
qxmlsimplereader
|
Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10040
|
2024-11-21 11:43 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267832
|
7.8 |
HIGH
Local
|
freetype
debian
|
freetype
debian_linux
|
The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buf…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-10244
|
2024-11-21 11:43 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267833
|
5.5 |
MEDIUM
Local
|
imagemagick
opensuse
|
imagemagick
leap
|
Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-10070
|
2024-11-21 11:43 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267834
|
5.5 |
MEDIUM
Local
|
imagemagick
|
imagemagick
|
Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file.
|
CWE-120
Classic Buffer Overflow
|
CVE-2016-10066
|
2024-11-21 11:43 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267835
|
7.8 |
HIGH
Local
|
imagemagick
opensuse
|
imagemagick
leap
|
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
|
CWE-284
Improper Access Control
|
CVE-2016-10065
|
2024-11-21 11:43 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267836
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) …
|
CWE-252
Unchecked Return Value
|
CVE-2016-10061
|
2024-11-21 11:43 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267837
|
8.8 |
HIGH
Network
|
zoneminder
|
zoneminder
|
Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that change passwords and possibly have unspe…
|
CWE-352
Origin Validation Error
|
CVE-2016-10206
|
2024-11-21 11:43 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267838
|
7.3 |
HIGH
Network
|
zoneminder
|
zoneminder
|
Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie.
|
CWE-384
Session Fixation
|
CVE-2016-10205
|
2024-11-21 11:43 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267839
|
9.8 |
CRITICAL
Network
|
zoneminder
|
zoneminder
|
SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php.
|
CWE-89
SQL Injection
|
CVE-2016-10204
|
2024-11-21 11:43 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267840
|
6.1 |
MEDIUM
Network
|
zoneminder
|
zoneminder
|
Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the name when creating a new monitor.
|
CWE-79
Cross-site Scripting
|
CVE-2016-10203
|
2024-11-21 11:43 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
