Max CVSS 10.0 Min CVSS 1.9 Total Count166
IDCVSSSummaryLast (major) updatePublished
CVE-2016-2123 6.5
A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data from the Samba Active Directory ldb database.
01-11-2018 - 09:29 01-11-2018 - 09:29
CVE-2016-2125 3.3
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to othe
31-10-2018 - 16:29 31-10-2018 - 16:29
CVE-2016-9580 6.8
An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.
01-08-2018 - 12:29 01-08-2018 - 12:29
CVE-2016-9572 4.3
A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processi
01-08-2018 - 12:29 01-08-2018 - 12:29
CVE-2016-9581 6.8
An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.
01-08-2018 - 10:29 01-08-2018 - 10:29
CVE-2016-9573 5.8
An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap.
01-08-2018 - 02:29 01-08-2018 - 02:29
CVE-2016-9074 4.3
An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2016-9594 6.8
curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable.
23-04-2018 - 15:29 23-04-2018 - 15:29
CVE-2016-8743 5.0
Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in
27-07-2017 - 17:29 27-07-2017 - 17:29
CVE-2016-2161 5.0
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
27-07-2017 - 17:29 27-07-2017 - 17:29
CVE-2016-0736 5.0
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated en
27-07-2017 - 17:29 27-07-2017 - 17:29
CVE-2016-9961 10.0
game-music-emu before 0.6.1 mishandles unspecified integer values.
06-06-2017 - 14:29 06-06-2017 - 14:29
CVE-2016-9960 2.1
game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).
06-06-2017 - 14:29 06-06-2017 - 14:29
CVE-2016-2126 4.0
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerbero
11-05-2017 - 10:29 11-05-2017 - 10:29
CVE-2016-9311 7.1
ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet.
09-05-2017 - 21:29 13-01-2017 - 11:59
CVE-2016-9310 6.4
The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet.
09-05-2017 - 21:29 13-01-2017 - 11:59
CVE-2016-8740 5.0
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via cr
09-05-2017 - 21:29 05-12-2016 - 14:59
CVE-2016-7434 5.0
The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.
09-05-2017 - 21:29 13-01-2017 - 11:59
CVE-2016-7433 5.0
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
09-05-2017 - 21:29 13-01-2017 - 11:59
CVE-2016-7431 5.0
NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.
09-05-2017 - 21:29 13-01-2017 - 11:59
CVE-2016-7428 3.3
ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet.
09-05-2017 - 21:29 13-01-2017 - 11:59
CVE-2016-7427 3.3
The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packet.
09-05-2017 - 21:29 13-01-2017 - 11:59
CVE-2016-7426 4.3
NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses wit
09-05-2017 - 21:29 13-01-2017 - 11:59
CVE-2016-2183 5.0
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birth
09-05-2017 - 21:29 31-08-2016 - 20:59
CVE-2016-7530 4.3
The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.
09-05-2017 - 08:39 20-04-2017 - 14:59
CVE-2016-9958 6.8
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
20-04-2017 - 08:47 12-04-2017 - 16:59
CVE-2016-9957 6.8
Stack-based buffer overflow in game-music-emu before 0.6.1.
20-04-2017 - 08:45 12-04-2017 - 16:59
CVE-2016-9959 6.8
game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
20-04-2017 - 08:26 12-04-2017 - 16:59
CVE-2016-9922 2.1
The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors invol
31-03-2017 - 12:38 27-03-2017 - 11:59
CVE-2016-8866 6.8
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because
27-03-2017 - 21:59 15-02-2017 - 14:59
CVE-2016-8862 6.8
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.
27-03-2017 - 21:59 15-02-2017 - 14:59
CVE-2016-9556 4.3
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
24-03-2017 - 11:09 23-03-2017 - 14:59
CVE-2016-7800 5.0
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
23-03-2017 - 21:59 06-02-2017 - 12:59
CVE-2014-9848 5.0
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
22-03-2017 - 13:23 20-03-2017 - 12:59
CVE-2016-5387 5.1
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an app
20-03-2017 - 21:59 18-07-2016 - 22:00
CVE-2016-6210 4.3
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference be
09-03-2017 - 11:51 13-02-2017 - 12:59
CVE-2016-9794 7.2
Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafte
08-03-2017 - 13:11 28-12-2016 - 02:59
CVE-2016-8655 7.2
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet
07-03-2017 - 21:59 08-12-2016 - 03:59
CVE-2016-9559 4.3
coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
02-03-2017 - 21:59 01-03-2017 - 10:59
CVE-2016-0718 7.5
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
02-03-2017 - 21:59 26-05-2016 - 12:59
CVE-2016-9132 7.5
In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which
02-03-2017 - 10:47 30-01-2017 - 17:59
CVE-2016-9830 4.3
The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.
02-03-2017 - 10:35 01-03-2017 - 15:59
CVE-2016-5240 4.3
The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.
28-02-2017 - 14:04 27-02-2017 - 17:59
CVE-2016-9817 4.9
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set.
28-02-2017 - 10:11 27-02-2017 - 17:59
CVE-2016-9816 4.9
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at EL2.
28-02-2017 - 10:03 27-02-2017 - 17:59
CVE-2016-9818 4.9
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP.
28-02-2017 - 09:54 27-02-2017 - 17:59
CVE-2016-9815 4.9
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort.
28-02-2017 - 09:53 27-02-2017 - 17:59
CVE-2016-10003 5.0
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
27-02-2017 - 21:37 27-01-2017 - 12:59
CVE-2016-10002 5.0
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack req
27-02-2017 - 21:36 27-01-2017 - 12:59
CVE-2016-2178 2.1
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.
23-02-2017 - 14:43 19-06-2016 - 21:59
CVE-2016-2177 7.5
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveragi
23-02-2017 - 14:43 19-06-2016 - 21:59
CVE-2016-9773 4.3
Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists bec
23-02-2017 - 11:09 16-02-2017 - 21:59
CVE-2016-9637 3.7
The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.
23-02-2017 - 11:07 16-02-2017 - 21:59
CVE-2016-8682 5.0
The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.
17-02-2017 - 09:30 15-02-2017 - 14:59
CVE-2016-8684 6.8
The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
17-02-2017 - 09:22 15-02-2017 - 14:59
CVE-2016-8683 6.8
The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
17-02-2017 - 09:02 15-02-2017 - 14:59
CVE-2016-9963 2.6
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
15-02-2017 - 07:47 01-02-2017 - 10:59
CVE-2016-9939 5.0
Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a memory block based on the length field of the ASN.1 object. If there is not enough content octets in the ASN.1 object, then t
07-02-2017 - 16:42 30-01-2017 - 16:59
CVE-2016-2317 4.3
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTr
07-02-2017 - 16:39 03-02-2017 - 10:59
CVE-2016-2318 4.3
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath
07-02-2017 - 14:19 03-02-2017 - 10:59
CVE-2016-6306 4.3
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
01-02-2017 - 21:59 26-09-2016 - 15:59
CVE-2016-6304 7.8
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.
01-02-2017 - 21:59 26-09-2016 - 15:59
CVE-2016-9932 2.1
CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.
27-01-2017 - 11:08 26-01-2017 - 10:59
CVE-2016-9381 6.9
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
26-01-2017 - 09:42 23-01-2017 - 16:59
CVE-2016-9382 4.6
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switchi
26-01-2017 - 09:39 23-01-2017 - 16:59
CVE-2016-9386 4.6
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values.
26-01-2017 - 09:38 23-01-2017 - 16:59
CVE-2016-9379 4.6
The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration
26-01-2017 - 09:31 23-01-2017 - 16:59
CVE-2016-9380 4.6
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file.
26-01-2017 - 09:31 23-01-2017 - 16:59
CVE-2016-9383 7.2
Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emu
26-01-2017 - 08:52 23-01-2017 - 16:59
CVE-2016-10033 7.5
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
25-01-2017 - 21:59 30-12-2016 - 14:59
CVE-2016-7997 5.0
The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.
23-01-2017 - 18:51 18-01-2017 - 12:59
CVE-2016-7996 7.5
Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.
23-01-2017 - 18:49 18-01-2017 - 12:59
CVE-2016-9935 7.5
The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) or possibly have unspecified other impact via an empty bo
17-01-2017 - 21:59 04-01-2017 - 15:59
CVE-2016-9934 5.0
ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string.
17-01-2017 - 21:59 04-01-2017 - 15:59
CVE-2016-9933 5.0
Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation vi
17-01-2017 - 21:59 04-01-2017 - 15:59
CVE-2016-9576 7.2
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-af
17-01-2017 - 21:59 28-12-2016 - 02:59
CVE-2016-8860 5.0
Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present, which allows remote a
17-01-2017 - 21:59 04-01-2017 - 15:59
CVE-2016-1248 6.8
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
17-01-2017 - 21:59 23-11-2016 - 10:59
CVE-2016-9105 2.1
Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object.
10-01-2017 - 23:13 09-12-2016 - 17:59
CVE-2016-9101 2.1
Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device.
10-01-2017 - 23:10 09-12-2016 - 17:59
CVE-2016-9106 2.1
Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector.
10-01-2017 - 21:59 09-12-2016 - 17:59
CVE-2016-9555 10.0
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified
06-01-2017 - 22:00 27-11-2016 - 22:59
CVE-2016-9104 2.1
Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which tr
06-01-2017 - 22:00 09-12-2016 - 17:59
CVE-2016-8910 1.9
The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.
06-01-2017 - 22:00 04-11-2016 - 17:59
CVE-2016-8909 1.9
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer posi
06-01-2017 - 22:00 04-11-2016 - 17:59
CVE-2016-8669 1.9
The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater th
06-01-2017 - 22:00 04-11-2016 - 17:59
CVE-2016-8668 1.9
The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging failure to limit DMA buffer size.
06-01-2017 - 22:00 04-11-2016 - 17:59
CVE-2016-8667 1.9
The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value.
06-01-2017 - 22:00 04-11-2016 - 17:59
CVE-2016-8578 1.9
The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) by sending an empty string parameter to a 9P o
06-01-2017 - 22:00 04-11-2016 - 17:59
CVE-2016-8577 1.9
Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors related to an I/O read operation.
06-01-2017 - 22:00 04-11-2016 - 17:59
CVE-2016-8576 1.9
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local