65 matches found
CVE-2014-3566
CVE-2014-3566 (POODLE) affects SSLv3 in AIX and related IBM components. IBM’s advisory (nettcp) states SSLv3 padding oracle vulnerability could allow MITM decryption of SSL sessions. Affected: AIX 6.1/7.1 and VIOS 2.2.x with vulnerable bos.net.tcp.client/server file sets (various lower/upper leve...
CVE-2015-0240
The CVE-2015-0240 issue affects the Samba smbd Netlogon code and allows remote code execution via crafted Netlogon packets using the ServerPasswordSet RPC. Affected Samba versions: 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5, due to an uninit...
CVE-2015-2716
CVE-2015-2716 is an Expat XML parser vulnerability described as an integer overflow that leads to a buffer overflow when processing large compressed XML data. Public advisories (ALAS-2020-1364, CESA-2020:1011) link this to expat, indicating a security update is required (update expat) to mitigate...
CVE-2016-1583
CVE-2016-1583 affects the Linux kernel: ecryptfs_privileged_open (fs/ecryptfs/kthread.c) allows a local attacker to gain privileges or cause a denial of service via crafted mmap calls for /proc pathnames, triggering recursive pagefault handling. Affects kernels prior to 4.6.3; patch released in 4...
CVE-2016-3672
CVE-2016-3672 affects the Linux kernel before 4.5.3 where arch_pick_mmap_layout in arch/x86/mm/mmap.c fails to properly randomize the legacy base address. This defeats ADDR_NO_RANDOMIZE protections and can bypass ASLR for setuid/setgid programs by disabling stack-consumption resource limits. Affe...
CVE-2016-3137
CVE-2016-3137 affects the Linux kernel driver, specifically drivers/usb/serial/cypress_m8.c, with exploitation possible via a USB device lacking interrupt endpoints. The vulnerability allows a NULL pointer dereference leading to a denial of service (system crash) and is fixed in kernel 4.5.1 (and...
CVE-2016-4997
CVE-2016-4997 affects the Linux kernel netfilter IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE handling in 32/64-bit compatibility paths prior to 4.6.3, enabling local privilege escalation or memory-corruption-based denial of service when a crafted offset is supplied via in-container root access. Ex...
CVE-2015-6815
CVE-2015-6815 affects QEMU with e1000 NIC emulation. The process_tx_desc path in hw/net/e1000.c improperly handles transmit descriptor data, enabling a remote attacker within the local network to trigger an infinite loop and guest crash (Denial of Service). This vulnerability is tied to QEMU befo...
CVE-2016-2834
CVE-2016-2834 concernsMozilla Network Security Services (NSS), as used in Mozilla Firefox, with NSS versions before 3.23. Exploitation can lead to remote code execution, memory corruption, or denial of service, per connected IBM advisories. Relevant IBM records show NSS in various IBM products (P...
CVE-2015-2721
CVE-2015-2721 (NSS) arises from NSS not correctly handling TLS state machine transitions, allowing a MITM to bypass forward secrecy by blocking the ServerKeyExchange message (the SMACK SKIP-TLS issue). Affected: NSS libraries used by Mozilla Firefox/Thunderbird and related products; impact includ...
CVE-2016-3134
The CVE-2016-3134 issue affects the Linux kernel netfilter/ip_tables.c, where the mark_source_chains() path can process an IPT_SET_REPLACE entry with an unvalidated next_offset. This can lead to out-of-bounds writes that enable local privilege escalation or cause a denial of service (heap memory ...
CVE-2016-4913
The CVE-2016-4913 issue affects the Linux kernel (fs/isofs/rock.c) and concerns get_rock_ridge_filename mishandling of NM (alternate name) entries containing a NUL character. A local attacker mounting a crafted isofs filesystem could read kernel memory due to this information leak. The vulnerabil...
CVE-2015-2730
CVE-2015-2730 affects Mozilla NSS (and NSS-used components such as Firefox/NSS bundles) with improper ECC multiplication handling that can enable remote signature forgery of ECDSA signatures. Connected advisories confirm the vulnerability in NSS prior to 3.19.1 and document mitigation through upg...
CVE-2014-1505
CVE-2014-1505 affects Mozilla Firefox (and related Mozilla components) where SVG filter operations in feDisplacementMap could leak displacement-correlation data and potentially bypass Same Origin Policy via a timing attack, enabling partial information disclosure from a different domain. Affected...
CVE-2016-2184
CVE-2016-2184 affects the Linux kernel snd-usb-audio driver (pre-4.5.1). The vulnerability stems from create_fixed_stream_quirk in sound/usb/quirks.c, which allows a physically proximate attacker to trigger a denial of service via a crafted endpoints value in a USB device descriptor. Consequences...
CVE-2016-2847
CVE-2016-2847 affects the Linux kernel, where fs/pipe.c does not cap unread data in pipes, enabling local users to cause memory exhaustion and a denial of service. The description and connected sources confirm the vulnerability lies in the per-user pipe data handling and that the risk is local Do...
CVE-2016-3156
CVE-2016-3156 affects the Linux kernel IPv4 implementation. A use-after-free in the destruction of inet device objects can be exploited by a local attacker (guest OS user) to cause a host networking outage by exhausting rtnl_lock with a large number of IP addresses. Impact is a denial of service ...
CVE-2015-8816
CVE-2015-8816 affects the Linux kernel prior to 4.3.5, where hub_activate in drivers/usb/core/hub.c mishandles hub-interface data. Physically proximate attackers can unplug a USB hub to trigger invalid memory access and a system crash (DoS); impact may be unspecified otherwise. A fixed version ex...
CVE-2016-4485
The CVE-2016-4485 issue affects the Linux kernel (net/llc/af_llc.c): the llc_cmsg_rcv path does not initialize a data structure, enabling a local attacker to read kernel stack memory and obtain sensitive information. Public references in connected documents indicate this vulnerability existed in ...
CVE-2016-4569
CVE-2016-4569 (Linux kernel) : The snd_timer_user_params function in sound/core/timer.c reportedly does not initialize a certain data structure in kernel versions up to 4.6, enabling a local attacker to leak information from kernel stack memory via the ALSA timer interface. This is an information...
CVE-2015-2724
CVE-2015-2724 involves memory safety bugs in the Mozilla Firefox browser engine (affecting Firefox up to version 39.0, ESR lines older than 31.8/38.1, and Thunderbird before 38.1). The issues allow remote attackers to cause a denial of service via memory corruption or potentially execute arbitrar...
CVE-2016-4482
CVE-2016-4482 : The Linux kernel before 4.7 has a flaw in the proc_connectinfo handling. The proc_connectinfo function in drivers/usb/core/devio.c does not initialize a data structure, enabling local users to read sensitive data from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl. T...
CVE-2015-2722
CVE-2015-2722 affects Mozilla Firefox before 39.0 and Firefox ESR before 31.8 (and 38.x before 38.1). Root cause: a use-after-free in CanonicalizeXPCOMParticipant when an XMLHttpRequest is attached to a shared or dedicated worker. Impact: remote attacker could execute arbitrary code. Mitigation: ...
CVE-2016-4486
CVE-2016-4486 affects the Linux kernel prior to 4.5.5, where the function rtnetlink.c: rtnl_fill_link_ifmap does not initialize a certain data structure. This allows a local attacker to read kernel stack memory via a crafted Netlink message, leading to information disclosure. Public references (i...
CVE-2015-7566
CVE-2015-7566 affects the Linux kernel driver drivers/usb/serial/visor.c (clie_5_attach). A USB device without a bulk-out endpoint can cause a NULL pointer dereference, leading to a denial of service and potential system crash. The vulnerability is confirmed by Nessus advisories referencing the v...
CVE-2015-2708
CVE-2015-2708 affects Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7, with memory-safety issues in the browser engine that could allow remote attackers to cause memory corruption, crash the application, or potentially execute arbitrary code via unknown vect...
CVE-2015-2713
CVE-2015-2713 is a use-after-free in Mozilla Firefox (SetBreaks) affecting Firefox before 38.0, Firefox ESR before 31.7, and Thunderbird before 31.7. An attacker could craft a document with specific CSS tokens for vertical text to cause heap memory corruption, enabling remote code execution or a ...
CVE-2016-2185
CVE-2016-2185 : In the Linux kernel, the ati_remote2_probe function (drivers/input/misc/ati_remote2.c) in versions before 4.5.1 is vulnerable. A physically proximate attacker can trigger a NULL pointer dereference via a crafted USB device descriptor, causing a denial of service (system crash). Th...
CVE-2016-2187
No new technical details are provided in the Connected documents for CVE-2016-2187. The only available information is in the Initial document, describing a Linux kernel denial-of-service via gtco_probe in gtco.c caused by a crafted USB endpoint in a device descriptor.
CVE-2016-2815
CVE-2016-2815 is a memory-safety hazard in Mozilla Firefox’s browser engine. Affected versions include Firefox prior to 47.0 (with NSS updates in related advisories). The initial description notes remote memory corruption that can cause a crash or potentially allow arbitrary code execution via un...
CVE-2016-3140
CVE-2016-3140 affects the Linux kernel, specifically the digi_port_init function in drivers/usb/serial/digi_acceleport.c. The vulnerability enables physically proximate attackers to trigger a NULL pointer dereference and crash the system by sending a crafted endpoints value in a USB device descri...
CVE-2016-4805
CVE-2016-4805 describes a use-after-free in the Linux kernel’s drivers/net/ppp/ppp_generic.c before 4.5.2. The flaw allows local attackers to trigger memory corruption and potential DoS (system crash) by removing a network namespace, related to ppp_register_net_channel and ppp_unregister_channel....
CVE-2016-2188
CVE-2016-2188 entry is rejected and not used.
CVE-2016-2186
The CVE-2016-2186 entry concerns the Linux kernel powermate_probe in drivers/input/misc/powermate.c, where kernels prior to 4.5.1 are vulnerable. A physically proximate attacker can trigger a denial of service (NULL pointer dereference and system crash) by sending a crafted endpoints value in a U...
CVE-2015-2710
CVE-2015-2710 is a memory-safety vulnerability in Mozilla Firefox and Thunderbird where the SVGTextFrame handles crafted SVG/CSS data, causing a heap-based buffer overflow. A remote attacker could potentially execute arbitrary code by enticing a user to open specially crafted content. The issue a...
CVE-2015-2743
CVE-2015-2743 affects Mozilla Firefox and Firefox ESR where PDF.js in the built-in PDF viewer could execute internal Worker code with elevated privileges, enabling a Same Origin Policy bypass and potential remote code execution. Affected versions include Firefox < 39.0 and Firefox ESR < 31....
CVE-2016-3689
CVE-2016-3689 affects the Linux kernel: the ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c is exploitable via a USB device with no master/slave interfaces, allowing a physically proximate attacker to trigger a denial of service (system crash). A patch is available in kernel 4.5.1...
CVE-2016-3138
CVE-2016-3138 : The Linux kernel’s acm_probe in drivers/usb/class/cdc-acm.c is vulnerable before 4.5.1. A USB device with no both a control and a data endpoint descriptor can trigger a NULL pointer dereference, enabling a physically proximate attacker to crash the system. Impact is denial of serv...
CVE-2016-3951
CVE-2016-3951 concerns a double-free in Linux kernel drivers/net/usb/cdc_ncm.c, exploitable when a USB device with an invalid descriptor is inserted. Affected: Linux kernel pre-4.5; impact: denial of service (system crash) and potential unspecified effects. The linked Unity security advisories co...
CVE-2016-3136
CVE-2016-3136 affects the Linux kernel up to version 4.5.0, where the mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c can be triggered by a crafted USB device without two interrupt-in endpoint descriptors. This allows physically proximate attackers to cause a denial of service (NU...
CVE-2015-2739
CVE-2015-2739 affects Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1. The issue is in ArrayBufferBuilder::append, which accesses unintended memory locations. The description notes unspecified impact and attack vectors; no explicit explo...
CVE-2016-0363
CVE-2016-0363 affects IBM SDK, Java Technology Edition prior to specific SR updates: 6.0.16.25 (SR16 FP25) for 6.x, 6 R1 before SR8 FP25, 7 before SR9 FP40, 7 R1 before SR3 FP40, and 8 before SR3 (6.0.3.0–? not fully listed). The vulnerability arises when the invoke method of java.lang.reflect.Me...
CVE-2015-2725
CVE-2015-2725 refers to multiple memory safety vulnerabilities in Mozilla Firefox (and Thunderbird) that could allow remote code execution or memory corruption leading to a crash. The connected IBM advisories confirm affected products (IBM Storwize V7000 Unified and IBM SONAS) ship Firefox compon...
CVE-2015-8924
CVE-2015-8924 affects libarchive’s TAR parser: archive_read_format_tar_read_header allows an out-of-bounds read when processing a crafted tar file, potentially enabling denial of service. The vulnerability exists in libarchive before version 3.2.0. Public advisories indicate multiple vendors have...
CVE-2015-2740
CVE-2015-2740 affects Mozilla Firefox (and Thunderbird) with a buffer overflow in nsXMLHttpRequest::AppendToResponseText, allowing remote denial of service or other impact. Affected: Firefox before 39.0; Firefox ESR 31.x before 31.8 and 38.x before 38.1. Remediation: upgrade to Firefox 39.0+ (and...
CVE-2016-2818
CVE-2016-2818 corresponds to memory safety bugs in the Mozilla Firefox browser engine that could allow remote code execution or denial of service. The connected IBM advisories indicate the vulnerability affecting IBM products shipped with Firefox (IBM SONAS and IBM Storwize V7000 Unified), with a...
CVE-2015-2735
CVE-2015-2735 affects Mozilla Firefox (before 39.0), Firefox ESR (31.x before 31.8 and 38.x before 38.1), and Thunderbird (before 38.1). The issue is in nsZipArchive.cpp where memory locations are accessed in an unintended way when processing crafted ZIP archives, which could allow a remote attac...
CVE-2015-8920
CVE-2015-8920 affects the libarchive project, specifically the _ar_read_header function in archive_read_support_format_ar.c. A crafted ar file can trigger an out-of-bounds stack read, enabling a denial of service. Public references consistently describe this as a vulnerability in libarchive versi...
CVE-2015-2736
CVE-2015-2736 concerns Mozilla Firefox (pre-39.0), Firefox ESR (31.x pre-31.8 and 38.x pre-38.1), and Thunderbird (pre-38.1). The issue is in nsZipArchive::BuildFileList where unintended memory locations may be accessed when processing crafted ZIP archives, leading to a remote attacker potentiall...
CVE-2015-8921
CVE-2015-8921 : libarchive’s mtree parser in archive_entry.c is vulnerable to an out-of-bounds read via a crafted mtree file, affecting libarchive prior to 3.2.0. This can allow a remote attacker to read memory beyond a statically declared structure. Multiple security advisories (Debian DSA-3657-...