Lucene search
K

7041 matches found

UbuntuCve
UbuntuCve
added 2016/11/22 12:0 a.m.29 views

CVE-2016-9535

tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow."...

9.8CVSS7AI score0.04767EPSS
Exploits0References2
OSV
OSV
added 2016/11/22 12:0 a.m.3 views

UBUNTU-CVE-2016-9535

tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow."...

9.8CVSS7.1AI score0.04767EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2016/11/21 10:47 a.m.21 views

CVE-2016-9397

The jpcdequantize function in jpcdec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...

7.5CVSS5.3AI score0.03588EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2016/11/21 10:47 a.m.25 views

CVE-2016-9395

The jasseq2dcreate function in jasseq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service assertion failure via a crafted file...

5.5CVSS4.6AI score0.01482EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2016/11/21 10:47 a.m.23 views

CVE-2016-9399

The calcstepsizes function in jpcdec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...

7.5CVSS5.1AI score0.03757EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2016/11/21 10:17 a.m.26 views

CVE-2016-9388

The rasgetcmap function in rasdec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service assertion failure via a crafted image file...

5.5CVSS4.3AI score0.01951EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/11/21 12:0 a.m.35 views

Amazon Linux AMI : bind (ALAS-2016-768)

A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. C Tenable Network Security, Inc. The descriptive text and package...

7.5CVSS7.3AI score0.38733EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/11/18 12:0 a.m.93 views

AIX 7.1 TL 4 : bind (IV89829) (deprecated)

https://vulners.com/cve/CVE-2016-2776 https://vulners.com/cve/CVE-2016-2776 ISC BIND is vulnerable to a denial of service, caused by an assertion failure in buffer.c while a nameserver is building responses to a specifically constructed request. By sending a specially crafted DNS packet, a remote...

7.1AI score0.89482EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2016/11/18 12:0 a.m.39 views

AIX 6.1 TL 9 : bind (IV89828) (deprecated)

https://vulners.com/cve/CVE-2016-2776 https://vulners.com/cve/CVE-2016-2776 ISC BIND is vulnerable to a denial of service, caused by an assertion failure in buffer.c while a nameserver is building responses to a specifically constructed request. By sending a specially crafted DNS packet, a remote...

7.1AI score0.89482EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2016/11/18 12:0 a.m.43 views

AIX 5.3 TL 12 : bind (IV90056) (deprecated)

https://vulners.com/cve/CVE-2016-2776 https://vulners.com/cve/CVE-2016-2776 ISC BIND is vulnerable to a denial of service, caused by an assertion failure in buffer.c while a nameserver is building responses to a specifically constructed request. By sending a specially crafted DNS packet, a remote...

7.1AI score0.89482EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2016/11/18 12:0 a.m.80 views

AIX 7.1 TL 3 : bind (IV89830) (deprecated)

https://vulners.com/cve/CVE-2016-2776 https://vulners.com/cve/CVE-2016-2776 ISC BIND is vulnerable to a denial of service, caused by an assertion failure in buffer.c while a nameserver is building responses to a specifically constructed request. By sending a specially crafted DNS packet, a remote...

7.1AI score0.89482EPSS
Exploits7References3
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.4 views

pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)

PCRE before 8.38 mishandles the /?=di?=?1|?=./ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

7.5CVSS7.4AI score0.06587EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.3 views

pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)

Heap-based buffer overflow in the findfixedlength function in pcrecompile.c in PCRE before 8.38 allows remote attackers to cause a denial of service crash or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an...

9.1CVSS7.6AI score0.07673EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2016/11/15 12:0 a.m.21 views

Fedora 25 : firewalld (2016-4dedc6ec3d)

Fix CVE-2016-5410: Firewall configuration can be modified by any logged in user - firewall/server/firewalld: Make getXSettings and getLogDenied CONFIGINFO - Update AppData configuration file. - tests/firewalldrich.py: Use new import structure and FirewallClient classes - tests/firewallddirect.py:...

5.5CVSS5.8AI score0.00364EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/11/08 12:0 a.m.33 views

RedHat Update for bind RHSA-2016:2141-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.38733EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2016/11/07 9:6 p.m.39 views

Security update for bind (important)

This update for bind fixes the following issues: - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. CVE-2016-8864, bsc1007829. - Fix BIND to return a valid...

5CVSS1.4AI score0.38733EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/11/04 12:0 a.m.54 views

RHEL 7 : squid (RHSA-2016:2600)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:2600 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have...

7.5CVSS7.5AI score0.35265EPSS
Exploits0References17
OpenVAS
OpenVAS
added 2016/11/04 12:0 a.m.44 views

RedHat Update for squid RHSA-2016:2600-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.35265EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/11/04 12:0 a.m.22 views

RedHat Update for bind RHSA-2016:2615-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.38733EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/11/03 1:6 p.m.6 views

bind: assertion failure while handling responses containing a DNAME answer

A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...

7.5CVSS7.1AI score0.38733EPSS
Exploits0References5
Rows per page
Query Builder