33 matches found
CVE-2016-3715
Summary: CVE-2016-3715 affects ImageMagick where the EPHEMERAL coder allows a remote attacker to delete arbitrary files via a crafted image. Affected versions are ImageMagick prior to 6.9.3-10 and 7.x prior to 7.0.1-1. Impact (per sources): Remote deletion of files via crafted images using the EP...
CVE-2016-3718
ImageMagick is affected by CVE-2016-3718: the HTTP and FTP coders can be abused to perform server-side request forgery via a crafted image. Affected lines: ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1. The vulnerability allows an attacker to induce the server to make HTTP/FTP requests when ...
CVE-2016-3427
CVE-2016-3427 is an unspecified vulnerability in Oracle Java SE (affecting 6u113, 7u99, 8u77) and JRockit, tied to the Java Management Extensions (JMX) component. Exploitation can affect confidentiality, integrity, and availability via JMX-related vectors; the issue is described as an unspecified...
CVE-2026-31431
CVE-2026-31431 is a local privilege escalation in the Linux kernel’s algif_aead/AF_ALG path. The root cause is an in-place operation bug in the AEAD handling, which can be exercised via AF_ALG sockets with the authencesn algorithm and splice() to corrupt the kernel page cache of readable files wi...
CVE-2016-1286
CVE-2016-1286 affects ISC BIND 9.x (before 9.9.8-P4 and 9.10.x before 9.10.3-P4). A remote attacker can trigger a denial of service by sending a crafted DNS signature for a DNAME record, leading to an assertion failure in resolver.c or db.c and a named process crash. The issue is documented with ...
CVE-2017-18017
CVE-2017-18017 affects the Linux kernel’s tcpmss_mangle_packet in net/netfilter/xt_TCPMSS.c. When xt_TCPMSS is used in an iptables action, a remote attacker can trigger a use-after-free and memory corruption, leading to a denial of service. Affected versions are Linux kernel before 4.11, and 4.9....
CVE-2016-1285
CVE-2016-1285 affects ISC BIND 9.x (before 9.9.8-P4 and 9.10.x before 9.10.3-P4). The issue arises from improper handling of control-channel input to rndc, causing assertion failure and named daemon exit via a malformed packet. Connected advisories describe related impact for DNAME records (CVE-2...
CVE-2017-13081
CVE-2017-13081 describes a KRACK-class flaw in WPA/WPA2 where the Integrity Group Temporal Key (IGTK) can be reinstalled during the group key handshake. This enables an attacker within radio range to spoof frames from APs to clients, potentially undermining confidentiality and integrity of WPA/WP...
CVE-2017-13079
CVE-2017-13079 is a KRACK-type vulnerability affecting WPA/WPA2 where reinstallation of the Integrity Group Temporal Key (IGTK) can occur during the 4-way handshake. An attacker in radio range can spoof frames from APs to clients by exploiting IGTK reinstallation. Public disclosures and advisorie...
CVE-2017-13080
CVE-2017-13080 corresponds to the WPA2/Wi‑Fi Key Reinstallation Attack (KRACK) risk, where a network-adjacent attacker can leverage a flaw in the group key handshake to reinstall GTK keys and replay frames. The core description in the initial document confirms: an attacker in radio range can repl...
CVE-2017-13077
CVE-2017-13077 is a KRACK-related vulnerability affecting Wi‑Fi (WPA/WPA2) where an attacker within radio range can force PTK nonce reuse during the four‑way handshake, enabling replay, decryption, or spoofing of frames. The initial description confirms the vulnerability and impact. Connected doc...
CVE-2018-6556
CVE-2018-6556 affects lxc-user-nic where, when asked to delete a network interface, the code unconditionally opens a user-supplied path. This can let an unprivileged user infer the existence of a path they should not reach and may trigger side effects by opening (read-only) kernel files such as /...
CVE-2017-13078
CVE-2017-13078 is part of the KRACK family impacting WPA2. An attacker in Wi‑Fi range could reinstall the GTK during the 4‑way handshake, replaying frames to clients. Apple addresses this via security updates (e.g., HT208221/HT208222) for macOS High Sierra/Sierra and related AirPort firmware; exac...
CVE-2017-13082
CVE-2017-13082 is one of the KRACK-class WPA2 flaws. Android/Arch/Debian/CentOS references describe an issue where a retransmitted FT Reassociation Request can reinstall the PTK during processing, enabling a nearby attacker to replay, decrypt, or spoof frames. Impact described across sources incl...
CVE-2017-13087
CVE-2017-13087 affects WPA/WPA2 (WPA2) implementations in wpa_supplicant/wpa and is part of the KRACK family. The issue is a GTK reinstallation triggered when processing a Wireless Network Management Sleep Mode Response frame, allowing an attacker within radio range to replay frames between APs a...
CVE-2015-5300
CVE-2015-5300 (NTP panic-threshold bypass) is detailed in a connected advisory from F5 for BIG-IP products, describing a vulnerability in ntpd where the threshold for the -g option is not correctly enforced. An attacker controlling NTP traffic could cause ntpd to step the clock to an arbitrary valu...
CVE-2017-13086
CVE-2017-13086 affects WPA/WPA2, specifically the TDLS handshake where the TDLS PeerKey (TPK) can be reinstalled. The root cause is key reinstallation during the TDLS handshake, enabling an attacker within radio range to replay, decrypt, or spoof frames. This vulnerability is documented across mu...
CVE-2017-13088
CVE-2017-13088 is part of the KRACK family affecting WPA/WPA2 (802.11) where reinstallation of the Integrity Group Temporal Key (IGTK) can occur while processing a Wireless Network Management Sleep Mode Response frame. The flaw enables an attacker within radio range to replay frames between APs a...
CVE-2015-5219
CVE-2015-5219 affects the Network Time Protocol (NTP) SNTP components, specifically the sntp utility, prior to version 4.2.7p366. The root cause is an incorrect type conversion in the ULOGTOD function (precision → double) which can cause a crafted NTP packet to trigger an infinite loop in sntp, l...
CVE-2015-5194
CVE-2015-5194: ntpd’s log_config_command in ntp_parser.y allows remote attackers to crash ntpd via crafted logconfig commands. Affected are ntpd before 4.2.7p42; remediation is to upgrade to a fixed version (4.2.7p42+). Connected advisories from F5/IBM detail affected products and patch guidance ...
CVE-2022-27239
CVE-2022-27239 affects cifs-utils up to version 6.14, due to a stack-based buffer overflow when parsing the mount.cifs ip= argument, enabling local attackers to gain root privileges. A patched version is available (e.g., cifs-utils 6.14-2 and later per advisories). Remediation is to update to a f...
CVE-2016-4956
ntpd (NTP 4.x) before 4.2.8p8 is vulnerable to DoS via a spoofed broadcast packet, triggering interleaved-mode transitions and time changes. This exists due to an incomplete fix for CVE-2016-1548. Exploitation can disrupt time synchronization, with public advisories linking the issue to broadcast...
CVE-2016-4955
CVE-2016-4955 affects ntpd (NTP 4.x) prior to 4.2.8p8. When autokey is enabled, a remote attacker can cause a denial of service by sending a spoofed CRYPTO_NAK packet or a packet with an incorrect MAC at a specific time, which can trigger autokey association reset. Cloud/OS advisories confirm thi...
CVE-2016-4953
CVE-2016-4953 affects ntpd (NTP 4.x) and relates to DoS via crafted CRYPTO_NAK or spoofed packets that can demobilize ephemeral associations, potentially disrupting time synchronization. Connected docs confirm multiple ntpd-family vulnerabilities (CVE-2016-4953/4954/4955/4956/4957) with root caus...
CVE-2016-4954
The CVE-2016-4954 entry affects ntpd (NTP v4) and is triggered by the process_packet() function in ntp_proto.c, where NTP 4.x versions before 4.2.8p8 can be caused to enter a peer-variable modification state when it receives spoofed packets from multiple sources, demonstrated by an incorrect leap...
CVE-2017-13084
CVE-2017-13084 describes a vulnerability in WPA/WPA2 where the Station-To-Station-Link (STSL) Transient Key (STK) can be reinstalled during the PeerKey handshake. An attacker within wireless range may replay, decrypt, or spoof frames by exploiting STSL STK reinstallation. Public sources confirm this as part of th...
CVE-2016-2315
CVE-2016-2315: Git before 2.7.4 contains an integer truncation/overrun in revision.c that can cause a heap-based buffer overflow when handling crafted path information (e.g., long filenames or many nested trees). This may allow remote code execution. A fix is to update Git to version 2.7.4 or la...
CVE-2016-2324
CVE-2016-2324 affects Git prior to 2.7.4. A heap-based buffer overflow is triggered by path-related inputs (e.g., long filenames or deeply nested trees), enabling remote code execution. Public advisories from Debian, Ubuntu, Arch, CentOS, and Cloud Foundry reference two related buffer-overflow vu...
CVE-2016-0264
CVE-2016-0264 is a buffer overflow in IBM Runtime Environment Java (IBM SDK, Java Technology Edition) that allows remote code execution under certain conditions. Affected IBM JRE/JVM versions include IBM SDK 6 (pre SR16 FP25), 6 R1 (pre SR8 FP25), 7 (pre SR9 FP40) and 7 R1 (pre SR3 FP40), and 8 (...
CVE-2018-17954
CVE-2018-17954 affects SUSE OpenStack Cloud Crowbar and Ardana components. It is an Improper Privilege Management in crowbar, enabling root users on any crowbar-managed node to become root on any other node. Affected versions include: SUSE OpenStack Cloud 7 crowbar-core < 4.0+git.1578392992.fa...
CVE-2016-4957
ntpd (NTP) before version 4.2.8p8 is vulnerable to a remote DoS via specially crafted crypto-NAK packets, causing ntpd to crash. This issue stems from an incorrect fix applied after CVE-2016-1547 and affects ntpd’s handling of CRYPTO-NAK. Public references indicate an impact to the daemon’s avail...
CVE-2017-7995
Concretely, CVE-2017-7995 affects Xen PV guests prior to 4.3: MMIO access permission checks were performed after accessing MMIO ranges, enabling host PCI device space memory reads and leading to information disclosure. The underlying cause is an error in the get_user function. Public symptom and ...
CVE-2019-3683
The CVE-2019-3683 issue affects the keystone-json-assignment package in SUSE OpenStack Cloud 8 prior to commit d7888c75505465490250c00cc0ef4bb1af662f9f. The root cause is that every user listed in /etc/keystone/user-project-map.json was granted full member access to every project, enabling these ...