38 matches found
CVE-2014-1491
CVE-2014-1491 describes an issue in the Mozilla NSS library where public DH values were not properly restricted, enabling remote attackers to bypass cryptographic protections in ticket handling when NSS was used (e.g., in Firefox/Thunderbird/SeaMonkey). The vulnerability affects NSS
CVE-2016-3115
OpenSSH CVE-2016-3115 affects sshd in OpenSSH prior to 7.2p2. The vulnerability arises from CRLF injection via crafted X11 forwarding data in session.c (related to do_authenticated1 and session_x11_req), allowing a remote authenticated user to bypass shell-command restrictions. In practice, affec...
CVE-2016-2776
CVE-2016-2776 describes a denial-of-service in ISC BIND where a crafted DNS query leads to an assertion failure in buffer.c while building responses, causing named to exit. Affected products/versions include BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3. The root ca...
CVE-2015-8000
CVE-2015-8000 affects ISC BIND 9.x (before 9.9.8-P2 and 9.10.x before 9.10.3-P2). A flaw in db.c parsing incoming responses allows remote DoS via a malformed class attribute, causing an assertion failure and daemon exit. F5’s advisory notes vulnerability presence in BIG-IP family components that ...
CVE-2016-1950
CVE-2016-1950 is a real NSS vulnerability: a heap-based buffer overflow in the ASN.1 DER parser allows remote code execution via crafted data in X.509 certificates. Affected NSS releases include 3.19.2.3 and 3.20.x, and 3.21.x before 3.21.1; it affects Mozilla Firefox up to 45.0 and Firefox ESR 3...
CVE-2016-6197
CVE-2016-6197 affects the OverlayFS implementation (fs/overlayfs/dir.c) in the Linux kernel before 4.6. The flaw allows a local user to cause a denial of service (system crash) by a rename that specifies a self-hardlink, due to incomplete verification of the upper dentry during unlink/rename. Exp...
CVE-2016-5696
Technical details about CVE-2016-5696 are not publicly provided in the supplied connected documents; monitor for updates.
CVE-2016-4447
CVE-2016-4447 affects libxml2 up to version before 2.9.4. The vulnerability is in the xmlParseElementDecl function (parser.c) where a crafted file via xmlParseName can cause a heap-based buffer underread, leading to denial of service (application crash). Remediation: upgrade to libxml2 2.9.4 or n...
CVE-2015-2721
CVE-2015-2721 (NSS) arises from NSS not correctly handling TLS state machine transitions, allowing a MITM to bypass forward secrecy by blocking the ServerKeyExchange message (the SMACK SKIP-TLS issue). Affected: NSS libraries used by Mozilla Firefox/Thunderbird and related products; impact includ...
CVE-2015-3195
CVE-2015-3195 affects OpenSSL’s ASN.1/TASN_DEC implementation mishandling errors from malformed X509_ATTRIBUTE data, enabling remote attackers to read memory of a CMS/PKCS#7 process. Public records show impact across multiple OpenSSL lines prior to updates: 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 bef...
CVE-2016-4448
CVE-2016-4448 is a format-string vulnerability in libxml2 (pre-2.9.4). The connected F5 advisory confirms libxml2 is the vulnerable component across multiple BIG-IP products and lists specific BIG-IP families/versions as vulnerable, with a table guiding upgrades to non‑vulnerable releases. Impact...
CVE-2016-7039
CVE-2016-7039 affects the Linux kernel IP stack up to version 4.8.2. An attacker can trigger the GRO path with large crafted packets (e.g., VLAN header packets), causing stack consumption and a possible panic/DoS; this is related to CVE-2016-8666. Nessus/UTSA advisories for Unity Linux reference ...
CVE-2016-4470
CVE-2016-4470 affects the Linux kernel keyring handling: in key_reject_and_link() an uninitialized pointer may be dereferenced after an error, enabling a local attacker to trigger a denial of service (system crash) via crafted keyctl request2. Connected advisories confirm this is a kernel issue w...
CVE-2015-2730
CVE-2015-2730 affects Mozilla NSS (and NSS-used components such as Firefox/NSS bundles) with improper ECC multiplication handling that can enable remote signature forgery of ECDSA signatures. Connected advisories confirm the vulnerability in NSS prior to 3.19.1 and document mitigation through upg...
CVE-2016-3627
CVE-2016-9596, related to libxml2 used in Red Hat JBoss Core Services, allows a denial of service via crafted XML when in recovery mode. This vulnerability exists because of an incorrect fix for CVE-2016-3627 and results in stack consumption. The issue is specifically described as a DoS (stack gr...
CVE-2016-3710
CVE-2016-3710 : A bounds-checking flaw in QEMU’s VGA module (VBE read/write via I/O ports) allows a privileged guest to modify banked video memory and execute arbitrary code on the host with QEMU process privileges. Root cause: out-of-bounds read/write in VGA bank access. Impact: potential host c...
CVE-2016-5403
CVE-2016-5403 affects QEMU’s virtio path (virtqueue_pop in hw/virtio/virtio.c). A local guest OS administrator can cause a denial of service via unbounded memory allocation by submitting virtqueue requests without waiting for completion, potentially crashing the QEMU process. Public postings acro...
CVE-2013-1620
The CVE-2013-1620 entry concerns the TLS implementation in Mozilla NSS. It describes a timing-side‑channel flaw during a noncompliant CBC padding (MAC check) processing for malformed TLS records, allowing remote attackers to perform distinguishing attacks and plaintext-recovery through timing ana...
CVE-2016-2117
CVE-2016-2117 affects the Atheros L2 ethernet driver (atl2) in the Linux kernel up to version 4.5.2. The root cause is incorrect enablement of scatter/gather I/O, which can allow a remote attacker to read packet data and potentially obtain sensitive kernel memory information. Public documents fro...
CVE-2014-1490
CVE-2014-1490 : A race condition in NSS libssl session ticket processing (use-after-free) could allow remote attackers to cause a denial of service or, per the description, potentially other impact via a resumption handshake. Affected: NSS up to 3.15.4 and, by extension, Mozilla products (Firefox...
CVE-2023-22024
CVE-2023-22024 affects the Unbreakable Enterprise Kernel (UEK) RDS module, where two setsockopt options (RDS_CONN_RESET and RDS6_CONN_RESET) are not re-entrant. A local attacker with CAP_NET_ADMIN can crash the kernel. Connected advisories (e.g., Oracle ELSA updates) indicate a security update ad...
CVE-2016-6198
CVE-2016-6198 affects the Linux kernel (pre-4.5.5) in its OverlayFS path. The bug occurs when a file under OverlayFS is renamed to a self-hardlink, causing post-rename operations to run and potentially crash the kernel. Local users can trigger a denial of service (system crash) via a rename sysca...
CVE-2013-0791
The connected Nessus advisories confirm CVE-2013-0791 affects Mozilla NSS and upstream products via CERT_DecodeCertPackage, allowing remote doS through out-of-bounds reads and memory corruption when processing crafted certificates. Affected: NSS libraries and apps (Firefox before 20.0, ESR 17.x b...
CVE-2016-3712
The CVE-2016-3712 issue affects QEMU’s VGA emulator (VBE mode) where an integer overflow/out-of-bounds read occurs when editing VGA registers, enabling a privileged guest to crash the QEMU host process (DoS). Multiple connected advisories reference this CVE as part of a set of QEMU/VGA vulnerabil...
CVE-2016-3991
LibTIFF 4.0.6 and earlier is affected by CVE-2016-3991 via the tiffcrop tool. The root cause is a heap-based buffer overflow in loadImage(): when TIFFNumberOfTiles() returns 0, loadImage() still reads tile data and allocates 3 bytes per tile, causing a heap overflow if the tile data exceeds 3 byt...
CVE-2015-8668
CVE-2015-8668 is a heap-based buffer overflow in the PackBitsPreEncode function of tif_packbits.c used by bmp2tiff in libtiff (versions
CVE-2016-3945
CVE-2016-3945 : LibTIFF’s tiff2rgba handles a crafted TIFF image (width/height anomalies in cvt_by_strip and cvt_by_tile) that leads to an out-of-bounds write, enabling possible denial of service or arbitrary code execution. Root cause: improper buffer allocation in those functions when -b mode i...
CVE-2016-3990
CVE-2016-3990 is a heap-based buffer overflow in LibTIFF 4.0.6 and earlier, located in horizontalDifference8() of tif_pixarlog.c. Exploitation via a crafted TIFF image passed to tiffcp can cause denial of service or arbitrary code execution. Public advisories from Debian and Arch Linux, and F5 no...
CVE-2016-3960
CVE-2016-3960 affects the Xen hypervisor’s x86 shadow pagetable code. The issue is an integer overflow in shadow pagetables that local guest OS users can exploit to cause a host crash (DoS) or potentially gain host privileges by shadowing a superpage mapping. Public advisories (e.g., SUSE/openSUS...
CVE-2016-3632
LibTIFF 4.0.6 and earlier contains an out-of-bounds write in _TIFFVGetField() (tif_dirinfo.c) that can allow remote attackers to cause a denial of service or execute arbitrary code via a crafted TIFF image. Impact is consistent with remote code execution or crash when processing TIFFs. Mitigation...
CVE-2016-3159
CVE-2016-3159 affects Xen 4.x on AMD64, where the fpu_fxrstor handler in arch/x86/i387.c mishandles writes to the FSW.ES bit, enabling a local guest to read sensitive register content from another guest by exploiting pending exception/mask bits. The issue stems from an incorrect fix for CVE-2013-...
CVE-2016-3158
CVE-2016-3158 concerns the Xen hypervisor. The vulnerability stems from the xrstor function in arch/x86/xstate.c when running on AMD64 processors, where writes to the hardware FSW.ES bit are not properly handled. This could allow a local guest OS user to obtain sensitive register content from ano...
CVE-2016-2270
CVE-2016-2270 affects Xen 4.6.x and earlier. The root cause is inconsistent cachability settings on MMIO guest mappings, as evidenced by multiple mappings of MMIO pages with different cachability, which can be exploited by a local guest administrator to trigger a host denial of service (host rebo...
CVE-2016-4480
CVE-2016-4480 affects Xen 4.6.x and earlier. The vulnerability in arch/x86/mm/guest_walk.c mishandles the PS bit in L3/L4 Page Tables, potentially enabling local guest OS users to gain privileges via a crafted memory mapping. Exploitation is local with low complexity; impact is privilege escalati...
CVE-2016-4962
CVE-2016-4962 affects Xen’s libxl device-handling in Xen 4.6.x and earlier. It can allow local guest administrators to cause a denial of service or gain host OS privileges by manipulating xenstore. Connected advisories indicate this vulnerability was addressed in Xen updates by vendors (e.g., SUS...
CVE-2017-3242
CVE-2017-3242 affects Oracle VM Server for Sparc (LDOM Manager subcomponent). Affected: 3.2 and 3.4. Vulnerability allows a low-privileged user with logon to the infrastructure to compromise the server; successful attacks require user interaction and may cause a hang or frequent crashes (partial/...
CVE-2020-2571
CVE-2020-2571 affects Oracle VM Server for SPARC (Templates), with vulnerability resting in version 3.6. The flaw can be triggered by a locally present attacker who has logon to the infrastructure and requires user interaction to exploit, potentially leading to unauthorized updates or reads in Or...
CVE-2015-0452
The CVE-2015-0452 entry affects Oracle VM Server for SPARC, specifically the Ldom Manager subcomponent of the Oracle Sun Systems Products Suite, versioned around 3.1/3.2. The connected CNVD/NVD entries describe an unspecified remote vulnerability that allows a remote attacker to read data, compro...