Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8658 | 1 Linux | 1 Linux Kernel | 2017-01-06 | 5.6 MEDIUM | 6.1 MEDIUM |
| Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket. | |||||
| CVE-2016-9138 | 1 Php | 1 Php | 2017-01-06 | 7.5 HIGH | 9.8 CRITICAL |
| PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::__toString with DateInterval::__wakeup. | |||||
| CVE-2016-9449 | 1 Drupal | 1 Drupal | 2017-01-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 might allow remote authenticated users to obtain sensitive information about taxonomy terms by leveraging inconsistent naming of access query tags. | |||||
| CVE-2016-9451 | 1 Drupal | 1 Drupal | 2017-01-06 | 4.9 MEDIUM | 6.8 MEDIUM |
| Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors. | |||||
| CVE-2016-9644 | 1 Linux | 1 Linux Kernel | 2017-01-06 | 9.3 HIGH | 7.8 HIGH |
| The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted application. NOTE: this vulnerability exists because of incorrect backporting of the CVE-2016-9178 patch to older kernels. | |||||
| CVE-2016-9756 | 1 Linux | 1 Linux Kernel | 2017-01-06 | 2.1 LOW | 5.5 MEDIUM |
| arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. | |||||
| CVE-2016-9949 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2017-01-06 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code. | |||||
| CVE-2016-9950 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2017-01-06 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system. | |||||
| CVE-2016-9951 | 1 Apport Project | 1 Apport | 2017-01-06 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Apport before 2.20.4. A malicious Apport crash file can contain a restart command in `RespawnCommand` or `ProcCmdline` fields. This command will be executed if a user clicks the Relaunch button on the Apport prompt from the malicious crash file. The fix is to only show the Relaunch button on Apport crash files generated by local systems. The Relaunch button will be hidden when crash files are opened directly in Apport-GTK. | |||||
| CVE-2011-1024 | 1 Openldap | 1 Openldap | 2017-01-06 | 4.6 MEDIUM | N/A |
| chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server. | |||||
| CVE-2011-1025 | 1 Openldap | 1 Openldap | 2017-01-06 | 6.8 MEDIUM | N/A |
| bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password. | |||||
| CVE-2012-1164 | 1 Openldap | 1 Openldap | 2017-01-06 | 2.6 LOW | N/A |
| slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned. | |||||
| CVE-2013-1442 | 1 Xen | 1 Xen | 2017-01-06 | 1.2 LOW | N/A |
| Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes to obtain sensitive information by reading the registers. | |||||
| CVE-2013-4329 | 1 Xen | 1 Xen | 2017-01-06 | 6.5 MEDIUM | N/A |
| The xenlight library (libxl) in Xen 4.0.x through 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a denial of service via a DMA instruction. | |||||
| CVE-2013-4353 | 1 Openssl | 1 Openssl | 2017-01-06 | 4.3 MEDIUM | N/A |
| The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake. | |||||
| CVE-2013-4356 | 1 Xen | 1 Xen | 2017-01-06 | 5.4 MEDIUM | N/A |
| Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid memory and cause a denial of service (crash). | |||||
| CVE-2013-4361 | 1 Xen | 1 Xen | 2017-01-06 | 2.1 LOW | N/A |
| The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction. | |||||
| CVE-2013-4370 | 1 Xen | 1 Xen | 2017-01-06 | 4.6 MEDIUM | N/A |
| The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x and 4.3.x frees certain memory that may still be intended for use, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors that trigger a (1) use-after-free or (2) double free. | |||||
| CVE-2013-4371 | 1 Xen | 1 Xen | 2017-01-06 | 4.4 MEDIUM | N/A |
| Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the realloc function fails, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2013-4375 | 2 Qemu, Xen | 2 Qemu, Xen | 2017-01-06 | 2.7 LOW | N/A |
| The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors. | |||||