Max CVSS 10.0 Min CVSS 1.9 Total Count83
IDCVSSSummaryLast (major) updatePublished
CVE-2017-3135 4.3
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3
16-01-2019 - 15:29 16-01-2019 - 15:29
CVE-2017-0359 10.0
diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive.
13-04-2018 - 12:29 13-04-2018 - 12:29
CVE-2016-2183 5.0
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birth
09-05-2017 - 21:29 31-08-2016 - 20:59
CVE-2017-1001000 5.0
The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in WordPress 4.7.x before 4.7.2 does not require an integer identifier, which allows remote attackers to modify arbitrary pages via a re
10-04-2017 - 21:17 02-04-2017 - 21:59
CVE-2016-7097 3.6
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permission
07-04-2017 - 21:59 16-10-2016 - 17:59
CVE-2016-10195 7.5
The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read.
21-03-2017 - 10:29 15-03-2017 - 11:59
CVE-2016-10197 5.0
The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.
17-03-2017 - 09:17 15-03-2017 - 11:59
CVE-2016-10196 5.0
Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string ar
17-03-2017 - 09:17 15-03-2017 - 11:59
CVE-2016-10166 7.5
Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable.
16-03-2017 - 15:11 15-03-2017 - 11:59
CVE-2016-10167 4.3
The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
16-03-2017 - 14:48 15-03-2017 - 11:59
CVE-2016-10168 6.8
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
16-03-2017 - 14:31 15-03-2017 - 11:59
CVE-2016-6906 4.3
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
16-03-2017 - 11:17 15-03-2017 - 10:59
CVE-2017-2981 5.0
Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure.
14-03-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2980 5.0
Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure.
14-03-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2979 5.0
Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure.
14-03-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2978 5.0
Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure.
14-03-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2977 5.0
Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure.
14-03-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2976 5.0
Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure.
14-03-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2975 5.0
Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure.
14-03-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2974 5.0
Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure.
14-03-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-3896 4.3
Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated.
14-03-2017 - 15:03 13-02-2017 - 11:59
CVE-2016-9806 7.2
Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes send
07-03-2017 - 21:59 28-12-2016 - 02:59
CVE-2016-9793 7.2
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspe
07-03-2017 - 21:59 28-12-2016 - 02:59
CVE-2017-3807 8.0
A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insuf
28-02-2017 - 21:59 09-02-2017 - 12:59
CVE-2017-2996 10.0
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
28-02-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2995 6.8
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution.
28-02-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2993 10.0
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.
28-02-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2992 10.0
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.
28-02-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2991 10.0
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
28-02-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2990 10.0
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.
28-02-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2988 10.0
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.
28-02-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2987 10.0
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.
28-02-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2986 10.0
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.
28-02-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2985 10.0
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
28-02-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2984 10.0
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution.
28-02-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2982 10.0
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.
28-02-2017 - 21:59 15-02-2017 - 01:59
CVE-2017-2973 10.0
Adobe Digital Editions versions 4.5.3 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
28-02-2017 - 21:59 15-02-2017 - 01:59
CVE-2016-10164 7.5
Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensi
22-02-2017 - 11:19 01-02-2017 - 10:59
CVE-2017-3272 6.8
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthent
10-02-2017 - 21:59 27-01-2017 - 17:59
CVE-2017-3261 4.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthen
10-02-2017 - 21:59 27-01-2017 - 17:59
CVE-2017-3253 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerabi
10-02-2017 - 21:59 27-01-2017 - 17:59
CVE-2017-3252 2.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulne
10-02-2017 - 21:59 27-01-2017 - 17:59
CVE-2017-3241 6.8
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulner
10-02-2017 - 21:59 27-01-2017 - 17:59
CVE-2017-3231 4.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthen
10-02-2017 - 21:59 27-01-2017 - 17:59
CVE-2016-5552 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable v
10-02-2017 - 21:59 27-01-2017 - 17:59
CVE-2016-5548 4.3
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthent
10-02-2017 - 21:59 27-01-2017 - 17:59
CVE-2016-5546 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vu
10-02-2017 - 21:59 27-01-2017 - 17:59
CVE-2017-5551 3.6
The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid pro
09-02-2017 - 16:53 06-02-2017 - 01:59
CVE-2017-2583 4.6
The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest O
09-02-2017 - 14:11 06-02-2017 - 01:59
CVE-2016-9317 7.1
The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image.
31-01-2017 - 21:59 26-01-2017 - 10:59
CVE-2016-6912 7.5
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.
31-01-2017 - 21:59 26-01-2017 - 10:59
CVE-2017-2584 3.6
arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, f
18-01-2017 - 10:26 14-01-2017 - 21:59
CVE-2016-9576 7.2
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-af
17-01-2017 - 21:59 28-12-2016 - 02:59
CVE-2016-8399 7.6
An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a
17-01-2017 - 21:59 12-01-2017 - 10:59
CVE-2015-8962 9.3
Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_I
17-01-2017 - 21:59 16-11-2016 - 00:59
CVE-2016-9756 2.1
arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
06-01-2017 - 22:00 28-12-2016 - 02:59
CVE-2016-9427 7.5
Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation.
06-01-2017 - 22:00 11-12-2016 - 21:59
CVE-2016-8658 5.6
Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspec
06-01-2017 - 22:00 16-10-2016 - 17:59
CVE-2016-7425 7.2
The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow)
06-01-2017 - 22:00 16-10-2016 - 17:59
CVE-2016-7042 4.9
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a deni
06-01-2017 - 22:00 16-10-2016 - 17:59
CVE-2016-10088 6.9
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of ser
06-01-2017 - 22:00 30-12-2016 - 13:59
CVE-2016-6828 4.9
The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-
02-01-2017 - 22:00 16-10-2016 - 17:59
CVE-2016-5696 5.8
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
23-12-2016 - 21:59 06-08-2016 - 16:59
CVE-2015-3310 4.3
Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message
07-12-2016 - 13:11 24-04-2015 - 10:59
CVE-2016-8645 4.9
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_
02-12-2016 - 22:27 27-11-2016 - 22:59
CVE-2016-7914 7.1
The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service
02-12-2016 - 05:48 16-11-2016 - 00:59
CVE-2016-9083 7.2
drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file fo
29-11-2016 - 14:15 27-11-2016 - 22:59
CVE-2016-8633 6.2
drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.
28-11-2016 - 18:34 27-11-2016 - 22:59
CVE-2016-9084 4.6
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device fil
28-11-2016 - 17:04 27-11-2016 - 22:59
CVE-2016-7913 9.3
The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certai
28-11-2016 - 15:39 16-11-2016 - 00:59
CVE-2016-7911 9.3
Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.
28-11-2016 - 15:39 16-11-2016 - 00:59
CVE-2016-7910 9.3
Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had
28-11-2016 - 15:39 16-11-2016 - 00:59
CVE-2016-6480 4.7
Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fe
28-11-2016 - 15:33 06-08-2016 - 16:59
CVE-2016-6327 4.9
drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation.
28-11-2016 - 15:31 16-10-2016 - 17:59
CVE-2016-6130 1.9
Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a certain length value, aka a "double fetch" vulnerabi
28-11-2016 - 15:30 03-07-2016 - 17:59
CVE-2016-5829 7.2
Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOC
28-11-2016 - 15:29 27-06-2016 - 06:59
CVE-2016-5828 7.2
The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception,
28-11-2016 - 15:29 27-06-2016 - 06:59
CVE-2016-4998 5.6
The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by levera
28-11-2016 - 15:22 03-07-2016 - 17:59
CVE-2016-4470 4.9
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a craft
28-11-2016 - 15:18 27-06-2016 - 06:59
CVE-2015-8964 7.1
The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.
28-11-2016 - 14:50 16-11-2016 - 00:59
CVE-2015-8963 7.6
Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation.
28-11-2016 - 14:50 16-11-2016 - 00:59
CVE-2015-8956 3.6
The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluet
28-11-2016 - 14:50 10-10-2016 - 06:59
CVE-2014-9904 7.2
The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory a
28-11-2016 - 14:15 27-06-2016 - 06:59
Back to Top Mark selected
Back to Top