Max CVSS 10.0 Min CVSS 2.1 Total Count217
IDCVSSSummaryLast (major) updatePublished
CVE-2016-4644 4.0
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types w
11-01-2019 - 13:29 11-01-2019 - 13:29
CVE-2016-4643 4.0
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation.
11-01-2019 - 13:29 11-01-2019 - 13:29
CVE-2016-4642 4.3
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings.
11-01-2019 - 13:29 11-01-2019 - 13:29
CVE-2015-7871 7.5
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7855 4.0
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7854 6.5
Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7853 7.5
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7852 4.3
ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7850 4.0
ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7849 6.5
Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7705 7.5
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7704 5.0
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7702 4.0
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7701 7.8
Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7692 5.0
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7691 5.0
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to a
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2014-9831 6.8
coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2014-9830 6.8
coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2014-9828 6.8
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.
07-08-2017 - 16:29 07-08-2017 - 16:29
CVE-2015-7703 5.8
The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and w
24-07-2017 - 10:29 24-07-2017 - 10:29
CVE-2016-4449 5.8
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource con
11-05-2017 - 21:29 09-06-2016 - 12:59
CVE-2015-7848 5.0
An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp.
11-05-2017 - 21:29 06-01-2017 - 16:59
CVE-2016-2108 10.0
The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "ne
09-05-2017 - 21:29 04-05-2016 - 21:59
CVE-2016-2107 2.6
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against
09-05-2017 - 21:29 04-05-2016 - 21:59
CVE-2014-9829 4.3
coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file.
09-05-2017 - 08:40 05-04-2017 - 13:59
CVE-2014-9837 4.3
coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.
09-05-2017 - 08:40 11-04-2017 - 15:59
CVE-2016-4650 9.3
Heap-based buffer overflow in IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
25-04-2017 - 14:39 20-04-2017 - 13:59
CVE-2016-4483 5.0
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulne
18-04-2017 - 12:19 11-04-2017 - 12:59
CVE-2014-9825 6.8
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.
10-04-2017 - 18:31 30-03-2017 - 11:59
CVE-2014-9823 6.8
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.
06-04-2017 - 09:13 30-03-2017 - 11:59
CVE-2014-9824 6.8
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.
06-04-2017 - 08:56 30-03-2017 - 11:59
CVE-2014-9822 6.8
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.
04-04-2017 - 11:45 30-03-2017 - 11:59
CVE-2014-9821 6.8
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
04-04-2017 - 11:45 30-03-2017 - 11:59
CVE-2014-9820 6.8
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file.
04-04-2017 - 11:44 30-03-2017 - 11:59
CVE-2014-9819 6.8
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823.
04-04-2017 - 11:44 30-03-2017 - 11:59
CVE-2014-9818 4.3
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.
04-04-2017 - 11:43 30-03-2017 - 11:59
CVE-2014-9817 6.8
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file.
04-04-2017 - 11:42 30-03-2017 - 11:59
CVE-2014-9816 4.3
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.
04-04-2017 - 11:41 30-03-2017 - 11:59
CVE-2014-9814 4.3
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file.
04-04-2017 - 11:40 30-03-2017 - 11:59
CVE-2014-9813 4.3
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file.
04-04-2017 - 11:40 30-03-2017 - 11:59
CVE-2014-9815 4.3
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.
04-04-2017 - 11:37 30-03-2017 - 11:59
CVE-2014-9812 4.3
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file.
04-04-2017 - 11:36 30-03-2017 - 11:59
CVE-2014-9811 4.3
The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file.
04-04-2017 - 11:36 30-03-2017 - 11:59
CVE-2014-9810 4.3
The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file.
04-04-2017 - 11:35 30-03-2017 - 11:59
CVE-2014-9809 4.3
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image.
04-04-2017 - 11:35 30-03-2017 - 11:59
CVE-2014-9808 4.3
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.
04-04-2017 - 11:34 30-03-2017 - 11:59
CVE-2014-9807 4.3
The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.
04-04-2017 - 11:34 30-03-2017 - 11:59
CVE-2014-9806 4.3
ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.
04-04-2017 - 11:33 30-03-2017 - 11:59
CVE-2014-9805 4.3
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
04-04-2017 - 11:31 30-03-2017 - 11:59
CVE-2014-9826 7.5
ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files.
04-04-2017 - 11:09 30-03-2017 - 11:59
CVE-2014-9840 4.3
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.
24-03-2017 - 08:46 22-03-2017 - 10:59
CVE-2014-9839 5.0
magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).
24-03-2017 - 08:40 22-03-2017 - 10:59
CVE-2014-9838 4.3
magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash).
24-03-2017 - 08:40 22-03-2017 - 10:59
CVE-2014-9836 4.3
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.
24-03-2017 - 08:39 22-03-2017 - 10:59
CVE-2014-9835 6.8
Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.
24-03-2017 - 08:39 22-03-2017 - 10:59
CVE-2014-9834 6.8
Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.
24-03-2017 - 08:39 22-03-2017 - 10:59
CVE-2014-9833 6.8
Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file.
24-03-2017 - 08:39 22-03-2017 - 10:59
CVE-2014-9832 6.8
Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.
24-03-2017 - 08:39 22-03-2017 - 10:59
CVE-2014-9847 7.5
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.
22-03-2017 - 15:03 20-03-2017 - 12:59
CVE-2014-9846 7.5
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
22-03-2017 - 15:03 20-03-2017 - 12:59
CVE-2014-9845 4.3
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
22-03-2017 - 15:02 20-03-2017 - 12:59
CVE-2014-9844 4.3
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
22-03-2017 - 15:01 20-03-2017 - 12:59
CVE-2014-9842 5.0
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
22-03-2017 - 15:01 20-03-2017 - 12:59
CVE-2014-9841 7.5
The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions."
22-03-2017 - 15:01 20-03-2017 - 12:59
CVE-2014-9848 5.0
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
22-03-2017 - 13:23 20-03-2017 - 12:59
CVE-2014-9850 5.0
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).
22-03-2017 - 13:23 20-03-2017 - 12:59
CVE-2014-9849 5.0
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
22-03-2017 - 13:22 20-03-2017 - 12:59
CVE-2014-9843 7.5
The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.
22-03-2017 - 13:22 20-03-2017 - 12:59
CVE-2014-9851 5.0
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
22-03-2017 - 13:16 20-03-2017 - 12:59
CVE-2014-9854 5.0
coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
21-03-2017 - 09:17 17-03-2017 - 10:59
CVE-2014-9852 7.5
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
21-03-2017 - 09:16 17-03-2017 - 10:59
CVE-2014-9853 4.3
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
21-03-2017 - 09:16 17-03-2017 - 10:59
CVE-2016-5387 5.1
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an app
20-03-2017 - 21:59 18-07-2016 - 22:00
CVE-2016-5385 5.1
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attacker
20-03-2017 - 21:59 18-07-2016 - 22:00
CVE-2015-8898 4.3
The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.
17-03-2017 - 08:25 15-03-2017 - 15:59
CVE-2015-8897 4.3
The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.
17-03-2017 - 08:25 15-03-2017 - 15:59
CVE-2015-8896 4.3
Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.
17-03-2017 - 08:23 15-03-2017 - 15:59
CVE-2015-8895 5.0
Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.
17-03-2017 - 08:23 15-03-2017 - 15:59
CVE-2015-8894 4.3
Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.
17-03-2017 - 08:22 15-03-2017 - 15:59
CVE-2016-6210 4.3
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference be
09-03-2017 - 11:51 13-02-2017 - 12:59
CVE-2016-0718 7.5
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
02-03-2017 - 21:59 26-05-2016 - 12:59
CVE-2016-4448 10.0
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
28-02-2017 - 21:59 09-06-2016 - 12:59
CVE-2016-4447 5.0
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
28-02-2017 - 21:59 09-06-2016 - 12:59
CVE-2016-2176 6.4
The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EB
28-02-2017 - 21:59 04-05-2016 - 21:59
CVE-2016-2109 7.8
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.
28-02-2017 - 21:59 04-05-2016 - 21:59
CVE-2016-2106 5.0
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
28-02-2017 - 21:59 04-05-2016 - 21:59
CVE-2016-2105 5.0
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
28-02-2017 - 21:59 04-05-2016 - 21:59
CVE-2016-1836 4.3
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via
28-02-2017 - 21:59 20-05-2016 - 06:59
CVE-2015-8903 4.3
The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.
28-02-2017 - 13:52 27-02-2017 - 17:59
CVE-2015-8901 4.3
ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
28-02-2017 - 13:50 27-02-2017 - 17:59
CVE-2015-8902 4.3
The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.
28-02-2017 - 13:50 27-02-2017 - 17:59
CVE-2015-8900 4.3
The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.
28-02-2017 - 13:11 27-02-2017 - 17:59
CVE-2016-2516 7.1
NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause a denial of service (ntpd abort) by using the same IP address multiple times in an unconfig directive.
24-02-2017 - 14:10 30-01-2017 - 16:59
CVE-2016-2518 5.0
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
24-02-2017 - 14:08 30-01-2017 - 16:59
CVE-2016-1551 2.6
ntpd in NTP 4.2.8p3 and NTPsec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 relies on the underlying operating system to protect it from requests that impersonate reference clocks. Because reference clocks are treated like other peers and stored in the s
24-02-2017 - 14:07 27-01-2017 - 12:59
CVE-2015-7976 4.0
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.
24-02-2017 - 14:00 30-01-2017 - 16:59
CVE-2016-2517 4.9
NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value
24-02-2017 - 13:41 30-01-2017 - 16:59
CVE-2016-2519 4.9
ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (ntpd abort) by a large request data value, which triggers the ctl_getitem function to return a NULL value.
24-02-2017 - 10:52 30-01-2017 - 16:59
CVE-2016-5388 5.1
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, wh
16-02-2017 - 21:59 18-07-2016 - 22:00
CVE-2015-8138 5.0
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.
09-02-2017 - 21:59 30-01-2017 - 16:59
CVE-2015-8140 5.8
The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.
08-02-2017 - 10:37 30-01-2017 - 16:59