Max CVSS 7.8 Min CVSS 1.2 Total Count49
IDCVSSSummaryLast (major) updatePublished
CVE-2015-8704 6.8
apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.
30-12-2016 - 21:59 20-01-2016 - 10:59
CVE-2015-5366 5.0
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect chec
30-12-2016 - 21:59 31-08-2015 - 06:59
CVE-2015-5364 7.8
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet f
30-12-2016 - 21:59 31-08-2015 - 06:59
CVE-2015-5330 5.0
ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending craft
30-12-2016 - 21:59 29-12-2015 - 17:59
CVE-2015-5299 5.0
The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote att
30-12-2016 - 21:59 29-12-2015 - 17:59
CVE-2015-5296 4.3
Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-s
30-12-2016 - 21:59 29-12-2015 - 17:59
CVE-2015-5252 5.0
vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points o
30-12-2016 - 21:59 29-12-2015 - 17:59
CVE-2016-0618 1.4
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via unknown vectors related to Zones.
22-12-2016 - 11:06 20-01-2016 - 22:02
CVE-2016-0440 7.8
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability via vectors related to NFSv4.
07-12-2016 - 18:43 20-01-2016 - 21:59
CVE-2016-0458 4.0
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to Kernel DAX.
07-12-2016 - 17:19 20-01-2016 - 22:00
CVE-2016-0493 3.3
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity and availability via unknown vectors related to Kernel Cryptography.
07-12-2016 - 14:36 20-01-2016 - 22:00
CVE-2016-0535 4.3
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via vectors related to RPC.
07-12-2016 - 13:31 20-01-2016 - 22:01
CVE-2016-0431 1.2
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2016-0419.
07-12-2016 - 13:30 20-01-2016 - 21:59
CVE-2016-0428 4.9
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Verified Boot.
07-12-2016 - 13:30 20-01-2016 - 21:59
CVE-2016-0426 3.6
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality and availability via unknown vectors related to Solaris Kernel Zones.
07-12-2016 - 13:30 20-01-2016 - 21:59
CVE-2016-0419 4.9
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2016-0431.
07-12-2016 - 13:30 20-01-2016 - 21:59
CVE-2016-0418 6.1
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2016-0414.
07-12-2016 - 13:30 20-01-2016 - 21:59
CVE-2016-0416 5.0
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect integrity via unknown vectors related to System Archive Utility.
07-12-2016 - 13:30 20-01-2016 - 21:59
CVE-2016-0414 7.2
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2016-0418.
07-12-2016 - 13:30 20-01-2016 - 21:59
CVE-2016-0406 3.3
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity and availability via vectors related to Libc.
07-12-2016 - 13:30 20-01-2016 - 21:59
CVE-2016-0403 7.8
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability via vectors related to SMB Utilities.
07-12-2016 - 13:30 20-01-2016 - 21:59
CVE-2015-8569 1.9
The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection
07-12-2016 - 13:28 28-12-2015 - 06:59
CVE-2015-8543 6.9
The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer
07-12-2016 - 13:28 28-12-2015 - 06:59
CVE-2015-8370 6.9
Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get f
07-12-2016 - 13:27 16-12-2015 - 16:59
CVE-2015-8104 4.7
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
07-12-2016 - 13:26 16-11-2015 - 06:59
CVE-2015-7554 7.5
The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image.
07-12-2016 - 13:24 08-01-2016 - 14:59
CVE-2015-7499 5.0
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
07-12-2016 - 13:24 15-12-2015 - 16:59
CVE-2015-6857 7.2
Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138.
07-12-2016 - 13:22 25-11-2015 - 22:59
CVE-2015-5307 4.9
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.
07-12-2016 - 13:16 16-11-2015 - 06:59
CVE-2015-4922 2.1
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to Boot.
07-12-2016 - 13:15 20-01-2016 - 21:59
CVE-2015-4920 2.1
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity via vectors related to NDMP Backup Service.
07-12-2016 - 13:15 20-01-2016 - 21:59
CVE-2014-9512 6.4
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.
06-12-2016 - 22:01 12-02-2015 - 11:59
CVE-2016-0728 7.2
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and us
05-12-2016 - 22:05 07-02-2016 - 22:59
CVE-2016-0723 5.6
Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGE
05-12-2016 - 22:05 07-02-2016 - 22:59
CVE-2015-8767 4.9
net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.
05-12-2016 - 22:04 07-02-2016 - 22:59
CVE-2015-8575 2.1
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted
05-12-2016 - 22:04 07-02-2016 - 22:59
CVE-2015-8539 7.2
The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/ke
05-12-2016 - 22:03 07-02-2016 - 22:59
CVE-2015-7566 4.9
The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by ins
05-12-2016 - 22:03 07-02-2016 - 22:59
CVE-2015-7550 4.9
The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified
05-12-2016 - 22:03 07-02-2016 - 22:59
CVE-2013-4312 4.9
The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c
05-12-2016 - 21:59 07-02-2016 - 22:59
CVE-2015-8614 7.5
Multiple stack-based buffer overflows in the (1) conv_jistoeuc, (2) conv_euctojis, and (3) conv_sjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese ch
02-12-2016 - 22:13 11-04-2016 - 17:59
CVE-2015-8552 1.7
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption)
02-12-2016 - 22:13 13-04-2016 - 11:59
CVE-2015-8551 4.7
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash)
02-12-2016 - 22:13 13-04-2016 - 11:59
CVE-2015-8550 5.7
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.
02-12-2016 - 22:13 14-04-2016 - 10:59
CVE-2015-8710 7.5
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed H
29-11-2016 - 22:02 11-04-2016 - 17:59
CVE-2014-8242 5.8
librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack.
23-06-2016 - 08:00 26-10-2015 - 13:59
CVE-2016-0453 1.8
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote attackers to affect integrity via unknown vectors related to Embedded Server.
08-06-2016 - 11:11 20-01-2016 - 22:00
CVE-2016-0441 6.8
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Embedded Server.
08-06-2016 - 11:10 20-01-2016 - 21:59
CVE-2015-7557 5.0
The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.
23-05-2016 - 09:31 20-05-2016 - 10:59
Back to Top Mark selected
Back to Top