Max CVSS 10.0 Min CVSS 1.2 Total Count430
IDCVSSSummaryLast (major) updatePublished
CVE-2018-14665 None
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate the
29-10-2018 - 08:29 25-10-2018 - 16:29
CVE-2018-12387 None
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as pa
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12385 None
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to w
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12379 None
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system wit
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12374 None
Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9.
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12366 None
An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-3214 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulner
16-10-2018 - 21:31 16-10-2018 - 21:31
CVE-2018-3183 6.8
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerabil
16-10-2018 - 21:31 16-10-2018 - 21:31
CVE-2018-1000805 None
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
08-10-2018 - 11:29 08-10-2018 - 11:29
CVE-2018-17456 None
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has
06-10-2018 - 10:29 06-10-2018 - 10:29
CVE-2018-14648 None
A flaw was found in 389 Directory Server. A specially crafted search query could lead to excessive CPU consumption in the do_search() function. An unauthenticated attacker could use this flaw to provoke a denial of service.
28-09-2018 - 09:29 28-09-2018 - 09:29
CVE-2018-14634 None
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6
25-09-2018 - 17:29 25-09-2018 - 17:29
CVE-2018-11781 None
Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.
17-09-2018 - 10:29 17-09-2018 - 10:29
CVE-2018-14638 None
A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service.
14-09-2018 - 15:29 14-09-2018 - 15:29
CVE-2016-7035 None
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon t
10-09-2018 - 12:29 10-09-2018 - 12:29
CVE-2018-16542 4.3
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.
05-09-2018 - 14:29 05-09-2018 - 14:29
CVE-2018-10911 None
A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.
04-09-2018 - 10:29 04-09-2018 - 10:29
CVE-2018-10858 6.5
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and
22-08-2018 - 13:29 22-08-2018 - 13:29
CVE-2018-10846 1.9
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain
22-08-2018 - 09:29 22-08-2018 - 09:29
CVE-2018-10873 6.5
A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its p
17-08-2018 - 08:29 17-08-2018 - 08:29
CVE-2018-10915 6.0
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untru
09-08-2018 - 16:29 09-08-2018 - 16:29
CVE-2018-14526 3.3
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abu
08-08-2018 - 15:29 08-08-2018 - 15:29
CVE-2018-1336 5.0
An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and
02-08-2018 - 10:29 02-08-2018 - 10:29
CVE-2015-9262 7.5
_XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow.
01-08-2018 - 19:29 01-08-2018 - 19:29
CVE-2018-10897 9.3
A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination d
01-08-2018 - 13:29 01-08-2018 - 13:29
CVE-2018-14682 6.8
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.
28-07-2018 - 19:29 28-07-2018 - 19:29
CVE-2016-9603 9.0
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged
27-07-2018 - 17:29 27-07-2018 - 17:29
CVE-2016-9578 5.0
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.
27-07-2018 - 17:29 27-07-2018 - 17:29
CVE-2017-15101 7.5
A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution.
27-07-2018 - 16:29 27-07-2018 - 16:29
CVE-2017-15097 7.2
Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.
27-07-2018 - 16:29 27-07-2018 - 16:29
CVE-2017-2626 2.1
It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.
27-07-2018 - 15:29 27-07-2018 - 15:29
CVE-2017-2620 9.0
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use t
27-07-2018 - 15:29 27-07-2018 - 15:29
CVE-2017-2616 4.7
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
27-07-2018 - 15:29 27-07-2018 - 15:29
CVE-2017-2640 7.5
An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process.
27-07-2018 - 14:29 27-07-2018 - 14:29
CVE-2017-2590 5.5
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable,
27-07-2018 - 14:29 27-07-2018 - 14:29
CVE-2017-12173 4.0
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a gi
27-07-2018 - 12:29 27-07-2018 - 12:29
CVE-2017-12163 4.8
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to
26-07-2018 - 12:29 26-07-2018 - 12:29
CVE-2017-7537 5.0
It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package before 10.6.4. An attacker could potentially use this flaw to bypass the regular authentication process and trick t
26-07-2018 - 09:29 26-07-2018 - 09:29
CVE-2018-13988 4.3
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitab
25-07-2018 - 19:29 25-07-2018 - 19:29
CVE-2018-1002200 4.3
plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.
25-07-2018 - 13:29 25-07-2018 - 13:29
CVE-2018-10906 4.6
In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_
24-07-2018 - 16:29 24-07-2018 - 16:29
CVE-2018-2952 4.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult t
18-07-2018 - 09:29 18-07-2018 - 09:29
CVE-2018-1113 4.6
setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This violates security assumptions made by pam_shells and some daemons which allow access based on a user's shell bein
02-07-2018 - 21:29 02-07-2018 - 21:29
CVE-2018-1080 6.8
Dogtag PKI, through version 10.6.1, has a vulnerability in AAclAuthz.java that, under certain configurations, causes the application of ACL allow and deny rules to be reversed. If a server is configured to process allow rules before deny rules (authz
02-07-2018 - 21:29 02-07-2018 - 21:29
CVE-2018-13033 4.3
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_p
01-07-2018 - 12:29 01-07-2018 - 12:29
CVE-2018-10852 5.0
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available fo
26-06-2018 - 10:29 26-06-2018 - 10:29
CVE-2017-2668 4.3
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bin
22-06-2018 - 09:29 22-06-2018 - 09:29
CVE-2018-3665 4.7
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
21-06-2018 - 16:29 21-06-2018 - 16:29
CVE-2018-1061 5.0
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
19-06-2018 - 08:29 19-06-2018 - 08:29
CVE-2018-11806 7.2
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
13-06-2018 - 12:29 13-06-2018 - 12:29
CVE-2018-5185 4.3
Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2018-5183 7.5
Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 5
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2018-5148 7.5
A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2018-5146 6.8
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2018-5145 7.5
Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 52.7 an
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7778 7.5
A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5469 7.5
Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5428 7.5
An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second v
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5410 7.5
Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2018-12020 5.0
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" optio
08-06-2018 - 17:29 08-06-2018 - 17:29
CVE-2018-11235 6.8
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that
30-05-2018 - 00:29 30-05-2018 - 00:29
CVE-2018-1000301 6.4
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP
24-05-2018 - 09:29 24-05-2018 - 09:29
CVE-2018-1000199 4.9
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptra
24-05-2018 - 09:29 24-05-2018 - 09:29
CVE-2018-1126 7.5
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.
23-05-2018 - 09:29 23-05-2018 - 09:29
CVE-2018-3639 4.9
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access vi
22-05-2018 - 08:29 22-05-2018 - 08:29
CVE-2018-11237 4.6
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
18-05-2018 - 12:29 18-05-2018 - 12:29
CVE-2017-18270 3.6
In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service.
18-05-2018 - 12:29 18-05-2018 - 12:29
CVE-2018-1111 7.9
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network ab
17-05-2018 - 12:29 17-05-2018 - 12:29
CVE-2018-1089 5.0
389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-sl
09-05-2018 - 11:29 09-05-2018 - 11:29
CVE-2018-0494 4.3
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
06-05-2018 - 18:29 06-05-2018 - 18:29
CVE-2018-10675 7.2
The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.
02-05-2018 - 14:29 02-05-2018 - 14:29
CVE-2018-10583 5.0
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg with
01-05-2018 - 12:29 01-05-2018 - 12:29
CVE-2017-2885 7.5
An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable s
24-04-2018 - 15:29 24-04-2018 - 15:29
CVE-2018-1106 2.1
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a
23-04-2018 - 16:29 23-04-2018 - 16:29
CVE-2017-17833 7.5
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
23-04-2018 - 14:29 23-04-2018 - 14:29
CVE-2018-2819 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with
18-04-2018 - 22:29 18-04-2018 - 22:29
CVE-2018-2815 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploi
18-04-2018 - 22:29 18-04-2018 - 22:29
CVE-2018-1084 7.5
corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.
18-04-2018 - 21:29 12-04-2018 - 13:29
CVE-2018-1000156 6.8
GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via th
06-04-2018 - 09:29 06-04-2018 - 09:29
CVE-2018-0739 4.3
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used w
27-03-2018 - 17:29 27-03-2018 - 17:29
CVE-2018-1000140 7.5
rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to
23-03-2018 - 17:29 23-03-2018 - 17:29
CVE-2018-8088 7.5
org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data.
20-03-2018 - 12:29 20-03-2018 - 12:29
CVE-2016-9575 6.5
Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's permissions while modifying certificate profiles in IdM's certprofile-mod command. An authenticated, unprivileged attacker could use this flaw to modify p
13-03-2018 - 09:29 13-03-2018 - 09:29
CVE-2018-7858 2.1
Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when up
12-03-2018 - 17:29 12-03-2018 - 17:29
CVE-2017-2619 6.0
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
12-03-2018 - 11:29 12-03-2018 - 11:29
CVE-2016-5320 None
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descr
11-03-2018 - 22:29 11-03-2018 - 22:29
CVE-2018-1000119 4.3
Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby
07-03-2018 - 09:29 07-03-2018 - 09:29
CVE-2018-1054 5.0
An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially
07-03-2018 - 08:29 07-03-2018 - 08:29
CVE-2018-5730 5.5
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string w
06-03-2018 - 15:29 06-03-2018 - 15:29
CVE-2018-7727 4.3
An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack.
06-03-2018 - 12:29 06-03-2018 - 12:29
CVE-2018-1063 3.3
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling proc
02-03-2018 - 10:29 02-03-2018 - 10:29
CVE-2017-15134 5.0
A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-sla
01-03-2018 - 17:29 01-03-2018 - 17:29
CVE-2018-7549 5.0
In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p.
27-02-2018 - 17:29 27-02-2018 - 17:29
CVE-2017-18201 7.5
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.
26-02-2018 - 09:29 26-02-2018 - 09:29
CVE-2018-6764 4.6
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.
23-02-2018 - 12:29 23-02-2018 - 12:29
CVE-2018-7225 7.5
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an
19-02-2018 - 10:29 19-02-2018 - 10:29
CVE-2018-5379 7.5
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an
19-02-2018 - 08:29 19-02-2018 - 08:29
CVE-2018-1049 4.3
In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will h
16-02-2018 - 16:29 16-02-2018 - 16:29
CVE-2018-1000026 6.8
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear
09-02-2018 - 18:29 09-02-2018 - 18:29
CVE-2018-6871 5.0
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.
09-02-2018 - 01:29 09-02-2018 - 01:29
CVE-2018-6574 7.5
Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not bloc
07-02-2018 - 16:29 07-02-2018 - 16:29
CVE-2018-6560 4.6
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in
02-02-2018 - 09:29 02-02-2018 - 09:29
CVE-2018-1000001 7.2
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
31-01-2018 - 09:29 31-01-2018 - 09:29
CVE-2018-5748 5.0
qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.
25-01-2018 - 11:29 25-01-2018 - 11:29
CVE-2018-5683 2.1
The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.
23-01-2018 - 13:29 23-01-2018 - 13:29
CVE-2018-5950 4.3
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
23-01-2018 - 11:29 23-01-2018 - 11:29
CVE-2016-10708 5.0
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
21-01-2018 - 17:29 21-01-2018 - 17:29
CVE-2016-6814 7.5
When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible f
18-01-2018 - 13:29 18-01-2018 - 13:29
CVE-2018-1000004 7.1
In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.
16-01-2018 - 15:29 16-01-2018 - 15:29
CVE-2018-5345 6.8
A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file.
11-01-2018 - 19:29 11-01-2018 - 19:29
CVE-2017-15131 4.6
It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux
09-01-2018 - 16:29 09-01-2018 - 16:29
CVE-2017-15124 7.8
VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VN
09-01-2018 - 16:29 09-01-2018 - 16:29
CVE-2014-8119 5.0
The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.
29-12-2017 - 17:29 29-12-2017 - 17:29
CVE-2017-17790 7.5
The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-201
20-12-2017 - 04:29 20-12-2017 - 04:29
CVE-2017-3738 4.3
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult
07-12-2017 - 11:29 07-12-2017 - 11:29
CVE-2017-13167 7.2
An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.
06-12-2017 - 09:29 06-12-2017 - 09:29
CVE-2017-15275 5.0
Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.
27-11-2017 - 17:29 27-11-2017 - 17:29
CVE-2017-3157 4.3
By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections
20-11-2017 - 15:29 20-11-2017 - 15:29
CVE-2017-16844 10.0
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcode
16-11-2017 - 10:29 16-11-2017 - 10:29
CVE-2015-7501 10.0
Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x
09-11-2017 - 12:29 09-11-2017 - 12:29
CVE-2015-7529 4.6
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$host
06-11-2017 - 12:29 06-11-2017 - 12:29
CVE-2017-1000257 6.4
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. l
31-10-2017 - 17:29 31-10-2017 - 17:29
CVE-2017-13090 9.3
The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative
27-10-2017 - 15:29 27-10-2017 - 15:29
CVE-2016-5003 7.5
The Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java object in an <ex:serializable> element.
27-10-2017 - 14:29 27-10-2017 - 14:29
CVE-2017-15906 5.0
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
25-10-2017 - 23:29 25-10-2017 - 23:29
CVE-2017-15649 4.6
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) t
19-10-2017 - 18:29 19-10-2017 - 18:29
CVE-2017-13088 2.9
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to repl
17-10-2017 - 09:29 17-10-2017 - 09:29
CVE-2017-15289 2.1
The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.
16-10-2017 - 14:29 16-10-2017 - 14:29
CVE-2017-12188 6.9
arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS
11-10-2017 - 11:29 11-10-2017 - 11:29
CVE-2017-1000117 6.8
A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-1000116 7.5
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-1000112 6.9
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-1000098 5.0
The net/http package's Request.ParseMultipartForm method starts writing to temporary files once the request body size surpasses the given "maxMemory" limit. It was possible for an attacker to generate a multipart request crafted such that the server
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-12617 6.8
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload
03-10-2017 - 21:29 03-10-2017 - 21:29
CVE-2017-14496 7.8
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
02-10-2017 - 21:29 02-10-2017 - 21:29
CVE-2015-3248 4.7
openhpi/Makefile.am in OpenHPI before 3.6.0 uses world-writable permissions for /var/lib/openhpi directory, which allows local users, when quotas are not properly setup, to fill the filesystem hosting /var/lib and cause a denial of service (disk cons
26-09-2017 - 11:29 26-09-2017 - 11:29
CVE-2017-14604 4.0
GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command.
20-09-2017 - 04:29 20-09-2017 - 04:29
CVE-2015-7837 2.1
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secur
19-09-2017 - 12:29 19-09-2017 - 12:29
CVE-2015-1854 5.0
389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and modify directory entries via a crafted ldapmodrdn call.
19-09-2017 - 11:29 19-09-2017 - 11:29
CVE-2017-9798 5.0
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2
18-09-2017 - 11:29 18-09-2017 - 11:29
CVE-2017-14482 6.8
GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched exten
14-09-2017 - 12:29 14-09-2017 - 12:29
CVE-2017-1000251 8.3
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remot
12-09-2017 - 13:29 12-09-2017 - 13:29
CVE-2017-1000083 6.8
backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option su
05-09-2017 - 02:29 05-09-2017 - 02:29
CVE-2017-13744 4.3
There is an illegal address access in the function _lou_getALine() in compileTranslationTable.c:343 in Liblouis 3.2.0.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2015-2675 5.0
The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the rest_proxy_call_get_url function, which allows remote attackers to cause a denial of service (application crash) via running the EnsureCredentials met
18-08-2017 - 14:29 18-08-2017 - 14:29
CVE-2017-7555 7.5
Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, le
17-08-2017 - 15:29 17-08-2017 - 15:29
CVE-2017-7551 5.0
389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.
16-08-2017 - 14:29 16-08-2017 - 14:29
CVE-2017-7547 4.0
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by the foreign server owners without actually having
16-08-2017 - 14:29 16-08-2017 - 14:29
CVE-2017-9800 7.5
A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user
11-08-2017 - 17:29 11-08-2017 - 17:29
CVE-2016-8745 5.0
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the
10-08-2017 - 18:29 10-08-2017 - 18:29
CVE-2016-6797 5.0
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked
10-08-2017 - 18:29 10-08-2017 - 18:29
CVE-2017-11368 4.0
In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.
09-08-2017 - 14:29 09-08-2017 - 14:29
CVE-2015-3405 5.0
ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remot
09-08-2017 - 12:29 09-08-2017 - 12:29
CVE-2017-3651 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileg
08-08-2017 - 11:29 08-08-2017 - 11:29
CVE-2017-7533 6.9
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_han
05-08-2017 - 12:29 05-08-2017 - 12:29
CVE-2017-7890 4.3
The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitia
02-08-2017 - 15:29 02-08-2017 - 15:29
CVE-2017-10664 5.0
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
02-08-2017 - 15:29 02-08-2017 - 15:29
CVE-2016-8743 5.0
Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in
27-07-2017 - 17:29 27-07-2017 - 17:29
CVE-2017-11671 2.1
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDS
26-07-2017 - 17:29 26-07-2017 - 17:29
CVE-2017-7980 4.6
Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display a
25-07-2017 - 10:29 25-07-2017 - 10:29
CVE-2017-7506 6.5
spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.
18-07-2017 - 11:29 18-07-2017 - 11:29
CVE-2017-10987 5.0
An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service.
17-07-2017 - 13:29 17-07-2017 - 13:29
CVE-2017-1000061 5.8
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service
17-07-2017 - 09:18 17-07-2017 - 09:18
CVE-2017-1000050 5.0
JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service.
17-07-2017 - 09:18 17-07-2017 - 09:18
CVE-2016-0764 2.1
Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensiti
17-07-2017 - 09:18 17-07-2017 - 09:18
CVE-2017-9788 6.4
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial ke
13-07-2017 - 12:29 13-07-2017 - 12:29
CVE-2016-8638 6.4
A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users. This issue is related to how it tracks sessions, and allows an unauthenti
12-07-2017 - 09:29 12-07-2017 - 09:29
CVE-2017-9524 5.0
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initi
06-07-2017 - 12:29 06-07-2017 - 12:29
CVE-2015-3315 7.2
Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-r
26-06-2017 - 11:29 26-06-2017 - 11:29
CVE-2017-9776 6.8
Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
22-06-2017 - 17:29 22-06-2017 - 17:29
CVE-2017-1000379 7.2
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
19-06-2017 - 12:29 19-06-2017 - 12:29
CVE-2017-1000366 7.2
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made t
19-06-2017 - 12:29 19-06-2017 - 12:29
CVE-2017-1000380 2.1
sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed
17-06-2017 - 14:29 17-06-2017 - 14:29
CVE-2016-7050 7.5
SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.
08-06-2017 - 15:29 08-06-2017 - 15:29
CVE-2016-5416 5.0
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the
08-06-2017 - 15:29 08-06-2017 - 15:29
CVE-2016-3099 5.0
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled.
08-06-2017 - 15:29 08-06-2017 - 15:29
CVE-2017-9461 7.8
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.
06-06-2017 - 17:29 06-06-2017 - 17:29
CVE-2017-5664 5.0
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request
06-06-2017 - 10:29 06-06-2017 - 10:29
CVE-2017-8386 6.5
git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain pr
01-06-2017 - 12:29 01-06-2017 - 12:29
CVE-2017-7502 5.0
Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.
30-05-2017 - 14:29 30-05-2017 - 14:29
CVE-2017-9148 7.5
The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 80
29-05-2017 - 13:29 29-05-2017 - 13:29
CVE-2017-9287 4.0
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.
29-05-2017 - 12:29 29-05-2017 - 12:29
CVE-2017-9242 4.9
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via craft
26-05-2017 - 21:29 26-05-2017 - 21:29
CVE-2017-8422 7.2
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
17-05-2017 - 10:29 17-05-2017 - 10:29
CVE-2017-7488 4.0
Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames.
16-05-2017 - 14:29 16-05-2017 - 14:29
CVE-2017-7486 5.0
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.
12-05-2017 - 15:29 12-05-2017 - 15:29
CVE-2017-7308 7.2
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or
11-05-2017 - 21:29 29-03-2017 - 16:59
CVE-2017-7895 10.0
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted reque
11-05-2017 - 10:19 28-04-2017 - 06:59
CVE-2017-8779 7.8
rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (mem
10-05-2017 - 21:29 04-05-2017 - 10:29
CVE-2016-5195 7.2
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in Oc
09-05-2017 - 21:29 10-11-2016 - 16:59
CVE-2016-2842 10.0
The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cause a denial of service (out-of-bounds write or memo
09-05-2017 - 21:29 03-03-2016 - 15:59
CVE-2016-2183 5.0
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birth
09-05-2017 - 21:29 31-08-2016 - 20:59
CVE-2016-0704 4.3
An oracle protection mechanism in the get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a overwrites incorrect MASTER-KEY bytes during us
09-05-2017 - 21:29 02-03-2016 - 06:59
CVE-2016-9444 5.0
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.
08-05-2017 - 21:29 12-01-2017 - 01:59
CVE-2016-8864 5.0
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive
08-05-2017 - 21:29 02-11-2016 - 13:59
CVE-2017-3544 4.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit
04-05-2017 - 14:01 24-04-2017 - 15:59
CVE-2016-0721 4.3
Session fixation vulnerability in pcsd in pcs before 0.9.157.
27-04-2017 - 12:15 21-04-2017 - 11:59
CVE-2016-6489 5.0
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.
25-04-2017 - 13:38 14-04-2017 - 14:59
CVE-2016-4455 2.1
The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directo
25-04-2017 - 11:44 14-04-2017 - 14:59
CVE-2016-5410 2.1
firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.
25-04-2017 - 10:59 19-04-2017 - 10:59
CVE-2017-7869 5.0
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is
25-04-2017 - 09:23 14-04-2017 - 00:59
CVE-2017-5645 7.5
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
24-04-2017 - 20:32 17-04-2017 - 17:59
CVE-2016-8602 6.8
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty o
21-04-2017 - 12:03 14-04-2017 - 14:59
CVE-2017-7870 7.5
LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.
20-04-2017 - 14:11 14-04-2017 - 00:59
CVE-2016-5011 4.7
The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot reco
17-04-2017 - 12:50 11-04-2017 - 11:59
CVE-2016-4989 6.9
setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a
17-04-2017 - 12:36 11-04-2017 - 14:59
CVE-2017-0553 7.6
An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process
12-04-2017 - 10:14 07-04-2017 - 18:59
CVE-2017-7396 5.0
In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server.
04-04-2017 - 21:59 31-03-2017 - 22:59
CVE-2017-2636 7.2
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
31-03-2017 - 21:59 07-03-2017 - 17:59
CVE-2017-6464 4.0
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive.
29-03-2017 - 14:14 27-03-2017 - 13:59
CVE-2016-7797 5.0
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.
28-03-2017 - 10:14 24-03-2017 - 11:59
CVE-2017-7207 4.3
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.
23-03-2017 - 09:16 21-03-2017 - 02:59
CVE-2016-5387 5.1
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an app
20-03-2017 - 21:59 18-07-2016 - 22:00
CVE-2016-5385 5.1
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attacker
20-03-2017 - 21:59 18-07-2016 - 22:00
CVE-2016-10168 6.8
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
16-03-2017 - 14:31 15-03-2017 - 11:59
CVE-2017-5898 2.1
Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large A
16-03-2017 - 13:09 15-03-2017 - 15:59
CVE-2017-6011 4.3
An issue was discovered in icoutils 0.31.1. An out-of-bounds read leading to a buffer overflow was observed in the "simple_vec" function in the "extract.c" source file. This affects icotool.
13-03-2017 - 21:59 16-02-2017 - 06:59
CVE-2017-6074 7.2
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double
06-03-2017 - 14:31 18-02-2017 - 16:59
CVE-2017-5885 7.5
Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColo
02-03-2017 - 10:35 28-02-2017 - 13:59
CVE-2016-3191 7.5
The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arb
28-02-2017 - 21:59 17-03-2016 - 19:59
CVE-2016-10002 5.0
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack req
27-02-2017 - 21:36 27-01-2017 - 12:59
CVE-2016-0778 4.6
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows r
16-02-2017 - 21:59 14-01-2016 - 17:59
CVE-2015-7547 6.8
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrar
16-02-2017 - 21:59 18-02-2016 - 16:59
CVE-2017-5848 5.0
The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.
13-02-2017 - 17:29 09-02-2017 - 10:59
CVE-2015-8158 4.3
The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.
07-02-2017 - 10:18 30-01-2017 - 16:59
CVE-2017-5486 7.5
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
01-02-2017 - 17:55 27-01-2017 - 20:59
CVE-2016-9813 4.3
The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
27-01-2017 - 13:45 13-01-2017 - 11:59
CVE-2016-9809 6.8
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
27-01-2017 - 12:12 13-01-2017 - 11:59
CVE-2016-9808 5.0
The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs.
27-01-2017 - 12:12 13-01-2017 - 11:59
CVE-2016-9401 2.1
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
26-01-2017 - 11:40 23-01-2017 - 16:59
CVE-2016-4994 6.8
Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file.
25-01-2017 - 21:59 12-07-2016 - 15:59
CVE-2015-7872 2.1
The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
19-01-2017 - 21:59 16-11-2015 - 06:59
CVE-2014-3470 4.3
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereferen
18-01-2017 - 21:59 05-06-2014 - 17:55
CVE-2014-0224 6.8
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL
18-01-2017 - 21:59 05-06-2014 - 17:55
CVE-2016-8706 6.8
An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
17-01-2017 - 21:59 06-01-2017 - 16:59
CVE-2016-5384 4.6
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
17-01-2017 - 21:59 12-08-2016 - 21:59
CVE-2016-5361 5.0
programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed UDP packet. NOTE: the original behavior complies with the IKEv1
17-01-2017 - 21:59 16-06-2016 - 10:59
CVE-2014-3577 5.8
org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName fi
10-01-2017 - 21:59 21-08-2014 - 10:55
CVE-2016-9555 10.0
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified
06-01-2017 - 22:00 27-11-2016 - 22:59
CVE-2016-8666 7.8
The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrat
06-01-2017 - 22:00 16-10-2016 - 17:59
CVE-2016-8283 4.0
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
06-01-2017 - 22:00 25-10-2016 - 10:31
CVE-2016-7795 4.9
The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.
06-01-2017 - 22:00 13-10-2016 - 10:59
CVE-2014-5077 5.4
The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an assoc
06-01-2017 - 22:00 01-08-2014 - 07:13
CVE-2014-4943 6.9
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.
06-01-2017 - 22:00 19-07-2014 - 15:55
CVE-2014-4721 2.6
The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent
06-01-2017 - 22:00 06-07-2014 - 19:55
CVE-2014-4667 5.0
The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.
06-01-2017 - 22:00 03-07-2014 - 00:22
CVE-2014-4039 2.1
ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by reading files in this archive, as demonstrated by /var
06-01-2017 - 22:00 17-06-2014 - 11:55
CVE-2014-3609 5.0
HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted "Range headers with unidentifiable byte-range values."
06-01-2017 - 22:00 11-09-2014 - 14:55
CVE-2014-3560 7.9
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the u
06-01-2017 - 22:00 06-08-2014 - 14:55
CVE-2014-3493 2.7
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname wi
06-01-2017 - 22:00 23-06-2014 - 10:55
CVE-2014-3490 7.5
RESTEasy 2.3.1 before 2.3.8.SP2 and 3.x before 3.0.9, as used in Red Hat JBoss Enterprise Application Platform (EAP) 6.3.0, does not disable external entities when the resteasy.document.expand.entity.references parameter is set to false, which allows
06-01-2017 - 22:00 19-08-2014 - 14:55
CVE-2014-3469 4.3
The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.
06-01-2017 - 21:59 05-06-2014 - 16:55
CVE-2014-3466 6.8
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code
06-01-2017 - 21:59 03-06-2014 - 10:55
CVE-2014-3153 7.2
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe wai
06-01-2017 - 21:59 07-06-2014 - 10:55
CVE-2014-2438 3.5
Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.
06-01-2017 - 21:59 15-04-2014 - 22:55
CVE-2014-2427 7.5
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
06-01-2017 - 21:59 15-04-2014 - 22:55
CVE-2014-1492 4.3
The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which
06-01-2017 - 21:59 25-03-2014 - 09:25
CVE-2014-0240 6.2
The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of runnin
06-01-2017 - 21:59 27-05-2014 - 10:55
CVE-2014-0231 5.0
The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.
06-01-2017 - 21:59 20-07-2014 - 07:12
CVE-2014-0196 6.9
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or
06-01-2017 - 21:59 07-05-2014 - 06:55
CVE-2014-0119 4.3
Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web a
06-01-2017 - 21:59 31-05-2014 - 07:17
CVE-2014-0099 4.3
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a craf
06-01-2017 - 21:59 31-05-2014 - 07:17
CVE-2015-3622 4.3
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate.
02-01-2017 - 22:00 12-05-2015 - 15:59
CVE-2015-3456 7.7
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_
02-01-2017 - 22:00 13-05-2015 - 14:59
CVE-2015-3416 7.5
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-b
02-01-2017 - 22:00 24-04-2015 - 13:59
CVE-2015-3148 5.0
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
02-01-2017 - 22:00 24-04-2015 - 10:59
CVE-2015-1782 6.8
The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet.
02-01-2017 - 21:59 13-03-2015 - 10:59
CVE-2015-1421 10.0
Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by tri
02-01-2017 - 21:59 16-03-2015 - 06:59
CVE-2015-0432 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.
02-01-2017 - 21:59 21-01-2015 - 14:59
CVE-2015-0252 5.0
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.
02-01-2017 - 21:59 24-03-2015 - 13:59
CVE-2014-9112 5.0
Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive.
02-01-2017 - 21:59 02-12-2014 - 11:59
CVE-2014-8169 4.4
automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges v
02-01-2017 - 21:59 18-03-2015 - 12:59
CVE-2014-8108 5.0
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a
02-01-2017 - 21:59 18-12-2014 - 10:59
CVE-2014-8106 4.6
Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for
02-01-2017 - 21:59 08-12-2014 - 11:59
CVE-2014-8090 5.0
The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string
02-01-2017 - 21:59 21-11-2014 - 10:59
CVE-2014-7841 5.0
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malf
02-01-2017 - 21:59 29-11-2014 - 20:59
CVE-2014-7823 5.0
The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.
02-01-2017 - 21:59 13-11-2014 - 16:32
CVE-2014-7817 4.6
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
02-01-2017 - 21:59 24-11-2014 - 10:59
CVE-2014-6559 4.3
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.
02-01-2017 - 21:59 15-10-2014 - 18:55
CVE-2014-3615 2.1
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
02-01-2017 - 21:59 01-11-2014 - 19:55
CVE-2014-0227 6.4
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote atta
02-01-2017 - 21:59 15-02-2015 - 19:59
CVE-2014-0191 4.3
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless
02-01-2017 - 21:59 21-01-2015 - 09:59
CVE-2015-5366 5.0
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect chec
30-12-2016 - 21:59 31-08-2015 - 06:59
CVE-2015-5330 5.0
ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending craft
30-12-2016 - 21:59 29-12-2015 - 17:59
CVE-2015-4620 7.8
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon ex
30-12-2016 - 21:59 08-07-2015 - 10:59
CVE-2015-3983 4.3
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. NOTE: this issue was
30-12-2016 - 21:59 14-05-2015 - 10:59
CVE-2015-2830 1.9
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the
30-12-2016 - 21:59 27-05-2015 - 06:59
CVE-2015-1827 5.0
The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (crash) via a group list request for a user th
30-12-2016 - 21:59 30-03-2015 - 10:59
CVE-2016-3044 4.9
The Linux kernel component in IBM PowerKVM 2.1 before 2.1.1.3-65.10 and 3.1 before 3.1.0.2 allows guest OS users to cause a denial of service (host OS infinite loop and hang) via unspecified vectors.
30-12-2016 - 11:56 01-12-2016 - 06:59
CVE-2015-3279 7.5
Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buff
27-12-2016 - 21:59 14-07-2015 - 12:59
CVE-2016-5696 5.8
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
23-12-2016 - 21:59 06-08-2016 - 16:59
CVE-2016-5636 10.0
Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based bu
23-12-2016 - 21:59 02-09-2016 - 10:59
CVE-2015-6248 4.3
The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application cras
23-12-2016 - 21:59 24-08-2015 - 19:59
CVE-2015-5289 6.4
Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (
23-12-2016 - 21:59 26-10-2015 - 10:59
CVE-2015-5165 5.0
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
23-12-2016 - 21:59 12-08-2015 - 10:59
CVE-2015-5154 7.2
Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.
23-12-2016 - 21:59 12-08-2015 - 10:59
CVE-2015-4864 3.5
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.
23-12-2016 - 21:59 21-10-2015 - 19:59
CVE-2015-3636 4.9
The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and sy
23-12-2016 - 21:59 05-08-2015 - 21:59
CVE-2015-3246 7.2
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the
23-12-2016 - 21:59 11-08-2015 - 10:59
CVE-2015-3225 5.0
lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth.
23-12-2016 - 21:59 26-07-2015 - 18:59
CVE-2015-3187 4.0
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node tha
23-12-2016 - 21:59 12-08-2015 - 10:59
CVE-2015-3185 4.3
The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote
23-12-2016 - 21:59 20-07-2015 - 19:59
CVE-2015-2775 7.6
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
23-12-2016 - 21:59 13-04-2015 - 10:59
CVE-2015-1345 2.1
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
23-12-2016 - 21:59 12-02-2015 - 11:59
CVE-2015-0836 7.5
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or poss
23-12-2016 - 21:59 25-02-2015 - 06:59
CVE-2014-3565 5.0
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB f
23-12-2016 - 21:59 07-10-2014 - 10:55
CVE-2012-6662 4.3
Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not prope
23-12-2016 - 21:59 24-11-2014 - 11:59
CVE-2016-7091 4.9
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted
23-12-2016 - 13:17 22-12-2016 - 16:59
CVE-2016-9675 6.8
openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.
23-12-2016 - 09:44 22-12-2016 - 16:59
CVE-2015-6564 6.9
Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MON
21-12-2016 - 22:00 23-08-2015 - 21:59
CVE-2015-3455 2.6
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle atta
21-12-2016 - 21:59 18-05-2015 - 11:59
CVE-2015-3331 9.3
The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of serv
21-12-2016 - 21:59 27-05-2015 - 06:59
CVE-2015-3247 6.9
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via un
21-12-2016 - 21:59 08-09-2015 - 11:59
CVE-2014-6055 6.5
Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) d
21-12-2016 - 21:59 30-09-2014 - 12:55
CVE-2014-8241 7.5
XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052.
19-12-2016 - 21:59 14-12-2016 - 17:59
CVE-2016-5424 4.6
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \
14-12-2016 - 12:59 09-12-2016 - 18:59
CVE-2015-5156 6.1
The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corrup
07-12-2016 - 22:09 19-10-2015 - 06:59
CVE-2015-0240 10.0
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execu
07-12-2016 - 22:06 23-02-2015 - 20:59
CVE-2016-0494 10.0
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2
07-12-2016 - 13:31 20-01-2016 - 22:00
CVE-2015-8472 7.5
Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or
07-12-2016 - 13:28 21-01-2016 - 10:59
CVE-2015-8370 6.9
Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get f
07-12-2016 - 13:27 16-12-2015 - 16:59
CVE-2015-8104 4.7
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
07-12-2016 - 13:26 16-11-2015 - 06:59
CVE-2015-5302 5.0
libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds,
07-12-2016 - 13:16 07-12-2015 - 13:59
CVE-2015-5292 6.8
Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a larg
07-12-2016 - 13:16 29-10-2015 - 12:59
CVE-2015-5281 2.6
The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a crafted (1) multiboot or (2) multiboot2 module in t
07-12-2016 - 13:16 24-11-2015 - 15:59
CVE-2015-4142 4.3
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which
07-12-2016 - 13:11 15-06-2015 - 11:59
CVE-2015-3256 4.6
PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (memory corruption and polkitd daemon crash) and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."
07-12-2016 - 13:11 26-10-2015 - 15:59
CVE-2015-2924 3.3
The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Adverti
07-12-2016 - 13:10 16-11-2015 - 16:59
CVE-2015-2694 5.8
The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing (1
07-12-2016 - 13:10 25-05-2015 - 15:59
CVE-2015-1867 7.5
Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command.
07-12-2016 - 13:09 12-08-2015 - 10:59
CVE-2012-2150 5.0
xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image.
06-12-2016 - 22:00 25-08-2015 - 13:59
CVE-2016-1526 5.8
The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive inform
05-12-2016 - 22:07 12-02-2016 - 21:59
CVE-2016-0795 9.3
LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document.
05-12-2016 - 22:05 18-02-2016 - 16:59
CVE-2016-0773 5.0
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a
05-12-2016 - 22:05 17-02-2016 - 10:59
CVE-2016-0728 7.2
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and us
05-12-2016 - 22:05 07-02-2016 - 22:59
CVE-2015-8631 6.8
Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL pr
05-12-2016 - 22:04 12-02-2016 - 21:59
CVE-2015-1781 6.8
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS respo
05-12-2016 - 21:59 28-09-2015 - 16:59
CVE-2016-3427 10.0
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
02-12-2016 - 22:26 21-04-2016 - 07:00
CVE-2016-3115 5.5
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_
02-12-2016 - 22:26 22-03-2016 - 06:59
CVE-2016-2774 7.1
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establis
02-12-2016 - 22:25 09-03-2016 - 10:59
CVE-2016-1979 6.8
Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly h
02-12-2016 - 22:24 13-03-2016 - 14:59
CVE-2016-1714 6.9
The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-o
02-12-2016 - 22:22 07-04-2016 - 15:59
CVE-2016-0774 5.6
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do
02-12-2016 - 22:18 27-04-2016 - 13:59
CVE-2016-0729 7.5
Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corrupti
02-12-2016 - 22:17 07-04-2016 - 17:59
CVE-2016-0636 9.3
Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.
02-12-2016 - 22:16 24-03-2016 - 14:59
CVE-2015-8779 7.5
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
02-12-2016 - 22:14 19-04-2016 - 17:59
CVE-2015-3240 4.3
The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service (assertion failure and daemon restart) via a zero DH g^x value in a KE payload in a IKE packet.
02-12-2016 - 22:09 09-11-2015 - 11:59
CVE-2015-3204 5.0
libreswan 3.9 through 3.12 allows remote attackers to cause a denial of service (daemon restart) via an IKEv1 packet with (1) unassigned bits set in the IPSEC DOI value or (2) the next payload value set to ISAKMP_NEXT_SAK.
02-12-2016 - 22:08 01-07-2015 - 10:59
CVE-2015-2704 5.0
realmd allows remote attackers to inject arbitrary configurations in to sssd.conf and smb.conf via a newline character in an LDAP response.
02-12-2016 - 22:05 18-05-2015 - 11:59
CVE-2014-8121 5.0
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by perfor
02-12-2016 - 22:01 27-03-2015 - 10:59
CVE-2014-3693 7.5
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP p
02-12-2016 - 22:01 07-11-2014 - 14:55
CVE-2016-3712 2.1
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
30-11-2016 - 22:10 11-05-2016 - 17:59
CVE-2016-3710 7.2
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Port
30-11-2016 - 22:10 11-05-2016 - 17:59
CVE-2015-8868 9.3
Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mo
30-11-2016 - 22:01 06-05-2016 - 13:59
CVE-2015-8325 7.2
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted
30-11-2016 - 22:01 30-04-2016 - 21:59
CVE-2015-7545 7.5
The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execut
30-11-2016 - 22:01 13-04-2016 - 11:59
CVE-2016-4556 5.0
Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
29-11-2016 - 22:07 10-05-2016 - 15:59
CVE-2016-2150 3.6
SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.
29-11-2016 - 22:04 09-06-2016 - 12:59
CVE-2015-8710 7.5
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed H
29-11-2016 - 22:02 11-04-2016 - 17:59
CVE-2015-5261 3.6
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.
29-11-2016 - 22:01 07-06-2016 - 10:06
CVE-2015-4643 7.5
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer ov
29-11-2016 - 22:01 16-05-2016 - 06:59
CVE-2016-9084 4.6
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device fil
28-11-2016 - 17:04 27-11-2016 - 22:59
CVE-2016-6325 7.2
The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging me
28-11-2016 - 15:31 13-10-2016 - 10:59
CVE-2016-6198 4.9
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related t
28-11-2016 - 15:30 06-08-2016 - 16:59
CVE-2016-5768 7.5
Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial o
28-11-2016 - 15:29 07-08-2016 - 06:59
CVE-2016-5444 4.3
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related
28-11-2016 - 15:25 21-07-2016 - 06:14
CVE-2016-5403 4.9
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.
28-11-2016 - 15:25 02-08-2016 - 12:59
CVE-2016-5008 4.3
libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server.
28-11-2016 - 15:22 13-07-2016 - 11:59
CVE-2016-4971 4.3
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
28-11-2016 - 15:22 30-06-2016 - 13:59
CVE-2016-4565 7.2
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI int
28-11-2016 - 15:18 23-05-2016 - 06:59
CVE-2016-4470 4.9
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a craft
28-11-2016 - 15:18 27-06-2016 - 06:59
CVE-2016-4463 5.0
Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.
28-11-2016 - 15:18 08-07-2016 - 15:59
CVE-2016-3948 5.0
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
28-11-2016 - 15:14 07-04-2016 - 14:59
CVE-2016-3471 7.1
Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option.
28-11-2016 - 15:09 21-07-2016 - 06:12
CVE-2016-3120 4.0
The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows r
28-11-2016 - 15:06 31-07-2016 - 22:59
CVE-2016-3092 7.8
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (
28-11-2016 - 15:06 04-07-2016 - 18:59
CVE-2016-3075 5.0
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.
28-11-2016 - 15:06 01-06-2016 - 16:59
CVE-2016-2857 2.1
The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.
28-11-2016 - 15:05 11-04-2016 - 22:00
CVE-2016-2119 6.8
libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSI
28-11-2016 - 15:03 07-07-2016 - 11:59
CVE-2016-0758 7.2
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
28-11-2016 - 14:55 27-06-2016 - 06:59
CVE-2015-8869 6.4
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
28-11-2016 - 14:50 13-06-2016 - 15:59
CVE-2015-5277 7.2
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS
28-11-2016 - 14:32 17-12-2015 - 14:59
CVE-2015-0267 3.6
The Red Hat module-setup.sh script for kexec-tools, as distributed in the kexec-tools before 2.0.7-19 packages in Red Hat Enterprise Linux, allows local users to write to arbitrary files via a symlink attack on a temporary file.
28-11-2016 - 14:16 19-05-2015 - 14:59
CVE-2014-9653 7.5
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers t
28-11-2016 - 14:14 30-03-2015 - 06:59
CVE-2014-9423 5.0
The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attacker
28-11-2016 - 14:13 19-02-2015 - 06:59
CVE-2014-9365 5.8
The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify tha
28-11-2016 - 14:13 12-12-2014 - 06:59
CVE-2014-9273 4.6
lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.
28-11-2016 - 14:13 08-12-2014 - 11:59
CVE-2014-8964 5.0
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.
28-11-2016 - 14:13 16-12-2014 - 13:59
CVE-2014-8738 5.0
The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive.
28-11-2016 - 14:13 15-01-2015 - 10:59
CVE-2014-8602 4.3
iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.
28-11-2016 - 14:13 10-12-2014 - 21:59
CVE-2014-4338 4.0
cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access t
28-11-2016 - 14:12 22-06-2014 - 17:55
CVE-2013-0334 5.0
Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source.
28-11-2016 - 14:08 31-10-2014 - 10:55
CVE-2013-6371 5.0
The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions.
21-11-2016 - 20:47 22-04-2014 - 09:06
CVE-2014-5120 6.4
gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1)
25-10-2016 - 22:00 22-08-2014 - 21:55
CVE-2014-3634 7.5
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an
17-10-2016 - 23:44 01-11-2014 - 20:55
CVE-2015-3276 5.0
The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified
14-10-2016 - 22:01 07-12-2015 - 15:59
CVE-2015-1779 7.8
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
14-10-2016 - 22:00 12-01-2016 - 14:59
CVE-2014-7185 6.4
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.
14-10-2016 - 21:59 08-10-2014 - 13:55
CVE-2016-0741 7.8
slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection.
11-10-2016 - 22:01 19-04-2016 - 17:59
CVE-2014-3581 5.0
The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP
11-10-2016 - 21:59 10-10-2014 - 06:55
CVE-2016-7167 7.5
Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a h
11-10-2016 - 08:17 07-10-2016 - 10:59
CVE-2016-7141 5.0
curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file
04-10-2016 - 13:27 03-10-2016 - 17:59
CVE-2016-3698 6.8
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity d
03-10-2016 - 22:08 13-06-2016 - 15:59
CVE-2016-3069 6.8
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.
03-10-2016 - 22:07 13-04-2016 - 12:59
CVE-2016-5386 6.8
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which mi
28-09-2016 - 11:40 18-07-2016 - 22:00
CVE-2016-7166 4.3
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
28-09-2016 - 11:24 21-09-2016 - 10:25
CVE-2014-8564 5.0
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptograp
08-09-2016 - 09:08 13-11-2014 - 16:32
CVE-2014-7300 7.2
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstati
31-08-2016 - 11:08 25-12-2014 - 16:59
CVE-2015-0236 3.5
libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interf
30-08-2016 - 10:13 29-01-2015 - 10:59
CVE-2014-0189 2.1
virt-who uses world-readable permissions for /etc/sysconfig/virt-who, which allows local users to obtain password for hypervisors by reading the file.
26-08-2016 - 08:02 02-05-2014 - 10:55
CVE-2014-9322 7.2
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access t
22-08-2016 - 22:08 17-12-2014 - 06:59
CVE-2014-6410 4.7
The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UD
22-08-2016 - 22:08 28-09-2014 - 06:55
CVE-2014-3686 6.8
wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.
26-07-2016 - 21:59 15-10-2014 - 20:55
CVE-2014-8112 4.0
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by re
30-06-2016 - 12:55 10-03-2015 - 10:59
CVE-2014-3917 3.3
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a lar
01-04-2016 - 14:27 05-06-2014 - 13:55
CVE-2015-7496 7.2
GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.
25-11-2015 - 12:49 24-11-2015 - 15:59
CVE-2014-8118 10.0
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.
10-09-2015 - 11:29 16-12-2014 - 13:59
CVE-2015-3213 7.2
The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures.
12-08-2015 - 14:48 12-08-2015 - 10:59
CVE-2015-0274 7.2
The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remote attribute replacement, which allows local users to cause a denial of service (transaction overrun and data corruption) or possibly gain privileges
26-03-2015 - 21:59 16-03-2015 - 06:59
CVE-2014-9278 4.0
The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass in
17-03-2015 - 22:03 06-12-2014 - 10:59
CVE-2014-4040 5.0
snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain
11-03-2015 - 21:59 17-06-2014 - 11:55
CVE-2014-8165 10.0
scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object.
20-02-2015 - 19:04 19-02-2015 - 10:59
CVE-2014-5177 1.2
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the
23-12-2014 - 22:00 03-08-2014 - 14:55
CVE-2014-3657 5.0
The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the
18-11-2014 - 22:01 06-10-2014 - 10:55
CVE-2014-3677 7.5
Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.
13-11-2014 - 22:05 22-10-2014 - 10:55
CVE-2014-2894 7.2
Off-by-one error in the cmd_smart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption.
13-11-2014 - 22:03 23-04-2014 - 11:55
CVE-2014-3461 6.8
hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."
05-11-2014 - 13:50 04-11-2014 - 16:55
CVE-2014-5033 6.9
KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (
16-10-2014 - 03:22 19-08-2014 - 14:55
CVE-2014-6269 5.0
Multiple integer overflows in the http_request_forward_body function in proto_http.c in HAProxy 1.5-dev23 before 1.5.4 allow remote attackers to cause a denial of service (crash) via a large stream of data, which triggers a buffer overflow and an out
02-10-2014 - 14:31 30-09-2014 - 10:55
CVE-2014-0186 5.0
A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerability exists because of an unspecified regression.
16-06-2014 - 10:52 14-06-2014 - 07:18
Back to Top Mark selected
Back to Top