Linux kernel local denial of service vulnerability (CNVD-2016-13294)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability in the 'socksetsockopt' function of the net/core/sock.c file in Linux kernel 3.4.99 and earlier stems from the program's failure to properly handle...

phpMyAdmin Denial of Service Vulnerability (CNVD-2016-13104)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. A denial of service vulnerability exists in phpMyAdmin, which can be exploited by attackers to cause a denial of service...

Huawei畅享5手机MTK平台存在输入校验漏洞(CNVD-2016-12840)

Huawei Think 5 is a smartphone from the Chinese company Huawei Huawei. An input validation vulnerability exists in the MTK platform of the Huawei Changsha 5 phone. An attacker may trick the user into installing a malicious application, which can exploit the vulnerability to send specific paramete...

SAP NetWeaver Security Bypass Vulnerability (CNVD-2016-13027)

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A security bypass vulnerability exists in SAP NetWeaver, which can be exploited by an attacker to bypass securit...

SimpleSAMLphp Security Bypass Vulnerability (CNVD-2016-13109)

SimpleSAMLphp is a PHP authentication application that implements the SAML 2.0 Service Provider and Identity Provider features. A security bypass vulnerability exists in SimpleSAMLphp. An attacker could exploit this issue to bypass certain security restrictions and perform unauthorized operations...

Memory Corruption Vulnerability in WebKit Component of Multiple Apple Products (CNVD-2016-12797)

Apple Safari, iCloud for Windows, iTunes, iOS, and tvOS are products of Apple Inc. Apple Safari is a web browser that is the default browser shipped with the Mac OS X and iOS operating systems; iTunes is a suite of media player applications. WebKit is an open source web browser engine developed b...

Joyent SmartOS Local Stack Buffer Overflow Vulnerability (CNVD-2016-12717)

Joyent SmartOS is a set of open source operating system from Joyent, Inc. in the United States. A buffer overflow vulnerability exists in the Hyprlofs file system in Joyent SmartOS version 20161110T013148Z. An attacker can exploit the vulnerability to gain elevated privileges with the help of...

IBM Jazz Reporting Service Cross-Site Scripting Vulnerability (CNVD-2016-12645)

IBM Jazz Reporting Service JRS is a suite of IBM USA applications for discovering cross-project reports that can be used in integration with IBM Rational CLM's Rational solution for managing all lifecycles of a development project. CLM users can access reports provided by JRS in dashboards,...

OpenJPEG heap buffer overflow vulnerability (CNVD-2016-12658)

OpenJPEG is a C-based open source JPEG 2000 codec . A heap buffer overflow vulnerability exists in OpenJPEG version 2.1.2. An attacker can exploit this vulnerability to execute arbitrary code...

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2016-12344)

Adobe Experience Manager is a free image reading and conversion tool from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which can be exploited by an attacker to compromise system control...

Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CNVD-2016-12467)

Microsoft Windows is a series of operating systems released by the American company Microsoft. A remote code execution vulnerability exists in the Microsoft Windows graphics component. An attacker could trick a user into opening a specially crafted Web site to exploit the vulnerability and take...

Microsoft Office Information Disclosure Vulnerability (CNVD-2016-12361)

Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. An information disclosure vulnerability exists in Microsoft Office. An attacker can exploit this...

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2016-12346)

Adobe Experience Manager is a software developed by Adobe USA that provides marketers and IT with the agility to market online so they can engage new audiences and deliver targeted content. A cross-site scripting vulnerability exists in Adobe Experience Manager, which can be exploited by an...

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2016-12343)

Adobe Experience Manager is a free image reading and conversion tool from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which can be exploited by an attacker to compromise system control...

Google Android Mediaserver Information Disclosure Vulnerability (CNVD-2016-12250)

Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, of which Mediaserver is a multimedia service component. An information disclosure vulnerability exists in Mediaserver in Android. The vulnerability can be exploited by an attacker to obtai...

phpMyAdmin Denial of Service Vulnerability (CNVD-2016-12350)

phpmyadmin is an online management tool for MySQL databases. A denial of service vulnerability exists in version 4.6.x of phpMyAdmin. A denial of service can be caused by a larger table partition request...

QEMU VirtFS Denial of Service Vulnerability (CNVD-2016-12580)

QEMU also known as Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast, cross-platform, etc. VirtFS is a customized virtualized file system for virtualized environments, belonging to the system layer virtualization...

QEMU Divide By Zero Denial of Service Vulnerability (CNVD-2016-12575)

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in QEMU Divide By Zero. An attacker exploiting this vulnerability could crash the Qemu process on the...

QEMU VirtFS Denial of Service Vulnerability (CNVD-2016-12581)

QEMU also known as Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast, cross-platform, etc. VirtFS is a customized virtualized file system for virtualized environments, belonging to the system layer virtualization...

Xen Denial of Service Vulnerability (CNVD-2016-12157)

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen has a denial of service...