IDCVSSSummaryLast (major) updatePublished
CVE-2016-9832 None
PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via (1) SAPGUI or (2) Internet Communication Framework (ICF) over HTTP or HTTPS, as demonst
10-12-2016 - 02:59 10-12-2016 - 02:59
CVE-2016-7995 None
Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of crafted buffer page select (PG) indexes.
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-7994 None
Memory leak in the virtio_gpu_resource_create_2d function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_CRE
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-7466 None
Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-7422 None
The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value.
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-7421 None
The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit process IO loop to the
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-7170 None
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to cursor.mask[] and cursor.image[
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-7157 None
The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 functions in hw/scsi/mptconfig.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via vectors involving MPTSAS_CONFIG_
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-7156 None
The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging an incorrect cast.
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-7155 None
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page count for descriptor rings.
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-7116 None
Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. (dot dot) in an unspecified string.
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-6888 None
Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an uncheck
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-6836 None
The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object.
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-6835 None
The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length.
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-6834 None
The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-6833 None
Use-after-free vulnerability in the vmxnet3_io_bar0_write function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU instance crash) by leveraging failure to check if the device i
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-6490 None
The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the descriptor buffer.
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-4964 None
The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU process crash) via vectors involving s->state.
10-12-2016 - 00:59 10-12-2016 - 00:59
CVE-2016-5424 None
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \
09-12-2016 - 23:59 09-12-2016 - 23:59
CVE-2016-5423 None
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory informat
09-12-2016 - 23:59 09-12-2016 - 23:59
CVE-2016-9106 None
Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector.
09-12-2016 - 22:59 09-12-2016 - 22:59
CVE-2016-9105 None
Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object.
09-12-2016 - 22:59 09-12-2016 - 22:59
CVE-2016-9104 None
Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which tr
09-12-2016 - 22:59 09-12-2016 - 22:59
CVE-2016-9103 None
The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them.
09-12-2016 - 22:59 09-12-2016 - 22:59
CVE-2016-9102 None
Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a large number of Txattrcreate messages with t
09-12-2016 - 22:59 09-12-2016 - 22:59
CVE-2016-9101 None
Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device.
09-12-2016 - 22:59 09-12-2016 - 22:59
CVE-2016-6501 None
JFrog Artifactory before 4.11 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning.
09-12-2016 - 22:59 09-12-2016 - 22:59
CVE-2016-6496 None
The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x before 2.9.5 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning.
09-12-2016 - 22:59 09-12-2016 - 22:59
CVE-2016-6321 None
Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the
09-12-2016 - 22:59 09-12-2016 - 22:59
CVE-2016-9014 None
Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOS
09-12-2016 - 20:59 09-12-2016 - 20:59
CVE-2016-9013 None
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the da
09-12-2016 - 20:59 09-12-2016 - 20:59
CVE-2016-6829 None
The trove service user in (1) Openstack deployment (aka crowbar-openstack) and (2) Trove Barclamp (aka barclamp-trove and crowbar-barclamp-trove) in the Crowbar Framework has a default password, which makes it easier for remote attackers to obtain ac
09-12-2016 - 20:59 09-12-2016 - 20:59
CVE-2016-6523 None
Multiple cross-site scripting (XSS) vulnerabilities in the media manager in Dotclear before 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) q or (2) link_type parameter to admin/media.php.
09-12-2016 - 20:59 09-12-2016 - 20:59
CVE-2016-6301 None
The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop.
09-12-2016 - 20:59 09-12-2016 - 20:59
CVE-2015-8786 None
The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2) lengths_incr parameter.
09-12-2016 - 20:59 09-12-2016 - 20:59
CVE-2016-8858 7.8
** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH
09-12-2016 - 11:59 09-12-2016 - 11:59
CVE-2016-9120 9.3
Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by calling ION_IOC_FREE on two CPUs at the same time.
08-12-2016 - 21:59 08-12-2016 - 21:59
CVE-2015-8967 9.3
arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileges, by leveraging write access.
08-12-2016 - 21:59 08-12-2016 - 21:59
CVE-2015-8966 7.2
arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call.
08-12-2016 - 21:59 08-12-2016 - 21:59
CVE-2016-9920 6.0
steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2.3, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom envelope-from addresses on the sendmail command line, which
08-12-2016 - 18:59 08-12-2016 - 18:59
CVE-2016-9919 7.8
The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet.
08-12-2016 - 17:59 08-12-2016 - 17:59
CVE-2016-8104 2.1
Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service.
08-12-2016 - 17:59 08-12-2016 - 17:59
CVE-2016-8103 None
SMM call out in all Intel Branded NUC Kits allows a local privileged user to access the System Management Mode and take full control of the platform.
08-12-2016 - 17:59 08-12-2016 - 17:59
CVE-2016-8102 7.2
Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and before 18.1.1607.3129 allows local users to launch processes with elevated privileges.
08-12-2016 - 17:59 08-12-2016 - 17:59
CVE-2016-9918 5.0
In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
08-12-2016 - 08:59 08-12-2016 - 08:59
CVE-2016-9917 5.0
In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
08-12-2016 - 08:59 08-12-2016 - 08:59
CVE-2016-9888 4.3
An error within the "tar_directory_for_file()" function (gsf-infile-tar.c) in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file.
08-12-2016 - 08:59 08-12-2016 - 08:59
CVE-2016-9839 5.0
In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails.
08-12-2016 - 08:59 08-12-2016 - 08:59
CVE-2016-8655 7.2
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet
08-12-2016 - 08:59 08-12-2016 - 08:59
CVE-2015-8870 5.8
Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4
06-12-2016 - 18:59 06-12-2016 - 18:59
Back to Top Mark selected
Back to Top