Every CVE whose affected-product data names Wvware Libwmf, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2006-3376 — CVSS 7.5 (high): Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5)…
CVE-2015-0848 — CVSS 6.8 (medium): Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary…
CVE-2015-4588 — CVSS 6.8 (medium): Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or…
CVE-2016-9011 — CVSS 5.5 (medium): The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (application crash) via a crafted…
CVE-2015-4695 — CVSS 5.0 (medium): meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.
CVE-2015-4696 — CVSS 4.3 (medium): Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the…