Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Oracle Subscribe
Filtered by product Linux
Total 211 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-3452 4 Ibm, Mariadb, Oracle and 1 more 5 Powerkvm, Mariadb, Linux and 2 more 2019-12-27 4.3 MEDIUM 3.7 LOW
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.
CVE-2016-3477 5 Canonical, Debian, Ibm and 2 more 6 Ubuntu Linux, Debian Linux, Powerkvm and 3 more 2019-12-27 4.1 MEDIUM 8.1 HIGH
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.
CVE-2016-3521 5 Canonical, Debian, Ibm and 2 more 6 Ubuntu Linux, Debian Linux, Powerkvm and 3 more 2019-12-27 6.8 MEDIUM 6.5 MEDIUM
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.
CVE-2016-3615 5 Canonical, Debian, Ibm and 2 more 6 Ubuntu Linux, Debian Linux, Powerkvm and 3 more 2019-12-27 4.3 MEDIUM 5.3 MEDIUM
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.
CVE-2016-4051 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 6.8 MEDIUM 8.8 HIGH
Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data.
CVE-2016-4053 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 4.3 MEDIUM 3.7 LOW
Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
CVE-2016-4054 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 6.8 MEDIUM 8.1 HIGH
Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.
CVE-2016-4553 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 5.0 MEDIUM 8.6 HIGH
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.
CVE-2016-4554 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 5.0 MEDIUM 8.6 HIGH
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
CVE-2016-4555 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 5.0 MEDIUM 7.5 HIGH
client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.
CVE-2016-4556 3 Canonical, Oracle, Squid-cache 3 Ubuntu Linux, Linux, Squid 2019-12-27 5.0 MEDIUM 7.5 HIGH
Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
CVE-2016-4809 3 Libarchive, Oracle, Redhat 9 Libarchive, Linux, Enterprise Linux Desktop and 6 more 2019-12-27 5.0 MEDIUM 7.5 HIGH
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
CVE-2010-5325 3 Linuxfoundation, Oracle, Redhat 8 Foomatic-filters, Linux, Enterprise Linux and 5 more 2019-12-27 7.5 HIGH 9.8 CRITICAL
Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.
CVE-2016-5262 2 Mozilla, Oracle 3 Firefox, Firefox Esr, Linux 2019-12-27 4.3 MEDIUM 6.1 MEDIUM
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox="allow-scripts" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.
CVE-2016-5263 2 Mozilla, Oracle 3 Firefox, Firefox Esr, Linux 2019-12-27 6.8 MEDIUM 8.8 HIGH
The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion."
CVE-2016-5252 2 Mozilla, Oracle 3 Firefox, Firefox Esr, Linux 2019-12-27 6.8 MEDIUM 8.8 HIGH
Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations.
CVE-2016-5254 2 Mozilla, Oracle 3 Firefox, Firefox Esr, Linux 2019-12-27 7.5 HIGH 9.8 CRITICAL
Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items.
CVE-2016-5258 2 Mozilla, Oracle 3 Firefox, Firefox Esr, Linux 2019-12-27 6.8 MEDIUM 8.8 HIGH
Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session.
CVE-2016-5259 2 Mozilla, Oracle 3 Firefox, Firefox Esr, Linux 2019-12-27 6.8 MEDIUM 8.8 HIGH
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop.
CVE-2016-5264 2 Mozilla, Oracle 3 Firefox, Firefox Esr, Linux 2019-12-27 6.8 MEDIUM 8.8 HIGH
Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.