Lucene search

K

109 matches found

CVE
CVE
added 2016/08/07 9:59 p.m.3128 views

CVE-2016-6515

The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.

7.8CVSS7.3AI score0.7987EPSS
CVE
CVE
added 2016/11/10 9:59 p.m.1993 views

CVE-2016-5195

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

7.2CVSS7.8AI score0.94094EPSS
CVE
CVE
added 2016/07/19 2:0 a.m.1415 views

CVE-2016-5387

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary ...

8.1CVSS8AI score0.71301EPSS
CVE
CVE
added 2016/03/09 11:59 p.m.503 views

CVE-2016-1286

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.

8.6CVSS8.2AI score0.68032EPSS
CVE
CVE
added 2016/08/02 2:59 p.m.445 views

CVE-2016-1238

(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidum...

7.8CVSS7.7AI score0.00389EPSS
CVE
CVE
added 2016/07/19 10:59 p.m.444 views

CVE-2016-2775

ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.

5.9CVSS5.7AI score0.34225EPSS
CVE
CVE
added 2016/08/07 10:59 a.m.432 views

CVE-2016-5766

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibl...

8.8CVSS8.2AI score0.04587EPSS
CVE
CVE
added 2016/03/09 11:59 p.m.424 views

CVE-2016-1285

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interfa...

6.8CVSS7.2AI score0.67839EPSS
CVE
CVE
added 2016/12/09 8:59 p.m.416 views

CVE-2016-9014

Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.

8.1CVSS8.6AI score0.04886EPSS
CVE
CVE
added 2016/12/09 8:59 p.m.410 views

CVE-2016-9013

Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually s...

9.8CVSS9AI score0.02723EPSS
CVE
CVE
added 2016/07/19 2:0 a.m.326 views

CVE-2016-5385

PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traf...

8.1CVSS8AI score0.81569EPSS
CVE
CVE
added 2016/05/22 1:59 a.m.286 views

CVE-2016-4538

The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the zero , one , or two global variable, which allows remote attackers to cause a denial of service or possibl...

9.8CVSS7.7AI score0.04049EPSS
CVE
CVE
added 2016/05/22 1:59 a.m.270 views

CVE-2016-4537

The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.

9.8CVSS7.8AI score0.04049EPSS
CVE
CVE
added 2016/05/22 1:59 a.m.270 views

CVE-2016-4542

The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted ...

9.8CVSS7.8AI score0.0118EPSS
CVE
CVE
added 2016/05/22 1:59 a.m.270 views

CVE-2016-4543

The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.

9.8CVSS7.8AI score0.0522EPSS
CVE
CVE
added 2016/05/22 1:59 a.m.262 views

CVE-2016-4540

The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.

9.8CVSS7.8AI score0.012EPSS
CVE
CVE
added 2016/05/22 1:59 a.m.253 views

CVE-2016-4539

The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, ...

9.8CVSS7.8AI score0.04366EPSS
CVE
CVE
added 2016/05/22 1:59 a.m.253 views

CVE-2016-4541

The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.

9.8CVSS7.7AI score0.01874EPSS
CVE
CVE
added 2016/10/07 2:59 p.m.225 views

CVE-2016-7167

Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow.

9.8CVSS8AI score0.02208EPSS
CVE
CVE
added 2017/08/23 2:29 p.m.215 views

CVE-2017-11610

The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups.

9CVSS8.4AI score0.94218EPSS
CVE
CVE
added 2016/09/11 10:59 a.m.197 views

CVE-2016-5157

Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data.

8.8CVSS7.8AI score0.06592EPSS
CVE
CVE
added 2017/06/01 4:29 p.m.193 views

CVE-2017-8386

git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a...

8.8CVSS8.3AI score0.75646EPSS
CVE
CVE
added 2017/02/15 3:59 p.m.187 views

CVE-2013-7459

Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.

9.8CVSS9.7AI score0.13429EPSS
CVE
CVE
added 2016/04/26 2:59 p.m.182 views

CVE-2016-3074

Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.

9.8CVSS8.1AI score0.43404EPSS
CVE
CVE
added 2016/05/22 1:59 a.m.175 views

CVE-2016-4544

The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header d...

9.8CVSS7.8AI score0.02883EPSS
CVE
CVE
added 2017/01/19 8:59 p.m.175 views

CVE-2016-7543

Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.

8.4CVSS7.1AI score0.00118EPSS
CVE
CVE
added 2016/08/10 2:59 p.m.156 views

CVE-2016-5421

Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors.

8.1CVSS7.4AI score0.01092EPSS
CVE
CVE
added 2016/06/10 3:59 p.m.151 views

CVE-2016-3720

XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers to have unspecified impact via unknown vectors.

9.8CVSS8.5AI score0.00107EPSS
CVE
CVE
added 2016/05/23 10:59 a.m.143 views

CVE-2016-4482

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.

6.2CVSS6AI score0.00044EPSS
CVE
CVE
added 2016/06/27 10:59 a.m.135 views

CVE-2016-5244

The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

7.5CVSS6.9AI score0.01662EPSS
CVE
CVE
added 2017/03/27 5:59 p.m.132 views

CVE-2016-9243

HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.

7.5CVSS7.2AI score0.0165EPSS
CVE
CVE
added 2016/09/26 4:59 p.m.131 views

CVE-2016-6153

os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for tem...

5.9CVSS6.6AI score0.00032EPSS
CVE
CVE
added 2017/01/13 4:59 p.m.125 views

CVE-2016-2090

Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.

9.8CVSS9.5AI score0.01944EPSS
CVE
CVE
added 2017/07/25 6:29 p.m.123 views

CVE-2015-5221

Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.

5.5CVSS5.8AI score0.00276EPSS
CVE
CVE
added 2016/12/13 10:59 p.m.121 views

CVE-2016-2334

Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.

9.3CVSS8AI score0.17155EPSS
CVE
CVE
added 2016/06/03 2:59 p.m.121 views

CVE-2016-3096

The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-att...

7.8CVSS7.4AI score0.00087EPSS
CVE
CVE
added 2016/12/13 8:59 p.m.115 views

CVE-2016-5407

The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.

9.8CVSS9AI score0.02123EPSS
CVE
CVE
added 2016/12/13 8:59 p.m.114 views

CVE-2016-7944

Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.

9.8CVSS9.4AI score0.00601EPSS
CVE
CVE
added 2017/08/02 7:29 p.m.112 views

CVE-2015-5203

Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.

5.5CVSS5.8AI score0.00237EPSS
CVE
CVE
added 2016/07/19 2:0 a.m.110 views

CVE-2016-5386

The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI appl...

8.1CVSS7.7AI score0.87615EPSS
CVE
CVE
added 2017/03/28 2:59 p.m.110 views

CVE-2016-8884

The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690.

5.5CVSS6.2AI score0.00403EPSS
CVE
CVE
added 2015/06/17 6:59 p.m.109 views

CVE-2015-4454

SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php.

7.5CVSS9AI score0.00644EPSS
CVE
CVE
added 2016/08/02 2:59 p.m.108 views

CVE-2016-6185

The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.

7.8CVSS7.7AI score0.00451EPSS
CVE
CVE
added 2016/08/13 1:59 a.m.105 views

CVE-2016-5384

fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.

7.8CVSS7.5AI score0.00264EPSS
CVE
CVE
added 2016/05/05 6:59 p.m.93 views

CVE-2016-4008

The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.

5.9CVSS5.4AI score0.0429EPSS
CVE
CVE
added 2016/09/07 6:59 p.m.92 views

CVE-2016-6855

Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.

7.5CVSS7.1AI score0.0255EPSS
CVE
CVE
added 2016/12/13 8:59 p.m.91 views

CVE-2016-7947

Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.

9.8CVSS9AI score0.03155EPSS
CVE
CVE
added 2016/05/23 7:59 p.m.88 views

CVE-2016-4001

Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large packet.

8.6CVSS8.7AI score0.04077EPSS
CVE
CVE
added 2016/08/19 9:59 p.m.87 views

CVE-2016-6254

Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.

9.1CVSS9.5AI score0.13065EPSS
CVE
CVE
added 2016/04/26 2:59 p.m.86 views

CVE-2016-4002

Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes.

9.8CVSS9.5AI score0.0595EPSS
Total number of security vulnerabilities109