Total
2089 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-9631 | 1 W3m Project | 1 W3m | 2016-12-13 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | |||||
| CVE-2016-6692 | 1 Google | 1 Android | 2016-12-06 | 7.5 HIGH | 9.8 CRITICAL |
| drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933. | |||||
| CVE-2016-9018 | 1 Realnetworks | 1 Realplayer | 2016-11-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| Improper handling of a repeating VRAT chunk in qcpfformat.dll allows attackers to cause a Null pointer dereference and crash in RealNetworks RealPlayer 18.1.5.705 through a crafted .QCP media file. | |||||
| CVE-2016-9296 | 1 7-zip | 1 P7zip | 2016-11-29 | 5.0 MEDIUM | 7.5 HIGH |
| A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams in CPP/7zip/Archive/7z/7zIn.cpp, as used in the 7z.so library and in 7z applications, will cause a crash and a denial of service when decoding malformed 7z files. | |||||
| CVE-2016-7160 | 1 Samsung | 1 Samsung Mobile | 2016-11-28 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248. | |||||
| CVE-2016-7118 | 1 Debian | 1 Debian Linux | 2016-11-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| fs/fcntl.c in the "aufs 3.2.x+setfl-debian" patch in the linux-image package 3.2.0-4 (kernel 3.2.81-1) in Debian wheezy mishandles F_SETFL fcntl calls on directories, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via standard filesystem operations, as demonstrated by scp from an AUFS filesystem. | |||||
| CVE-2016-5354 | 1 Wireshark | 1 Wireshark | 2016-11-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2016-3821 | 1 Google | 1 Android | 2016-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| libmedia in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 has certain incorrect declarations, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference or memory corruption) via a crafted media file, aka internal bug 28166152. | |||||
| CVE-2016-7424 | 2 Debian, Libav | 2 Debian Linux, Libav | 2016-10-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file. | |||||