CVEs from 2016
Total
8,461
critical
critical 1,164
high
high 3,521
medium
medium 3,173
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-3372 | medium | 6.6 | 6.6 | 10y ago | The kernel API in Microsoft Windows Vista SP2 and Windows Server 2008 SP2 does not properly enforce permissions, which allows local users to spoof processes, spoof inter-process communication, or cau… | |||
| CVE-2016-6898 | medium | 6.6 | 6.6 | 10y ago | XML external entity (XXE) vulnerability in the Hyper Management Module (HMM) in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary fi… | |||
| CVE-2016-4525 | medium | 6.6 | 6.6 | 10y ago | Unspecified ActiveX controls in Advantech WebAccess before 8.1_20160519 allow remote authenticated users to obtain sensitive information or modify data via unknown vectors, related to the INTERFACESA… | |||
| CVE-2016-1715 | medium | 6.6 | 6.6 | 11y ago | The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Win… | |||
| CVE-2016-2533 | medium | 6.5 | 6.5 | 8y ago | Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) … | |||
| CVE-2016-8734 | medium | 6.5 | 6.5 | 9y ago | Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The a… | |||
| CVE-2016-6815 | medium | 6.5 | 6.5 | 9y ago | Moderate severity vulnerability that affects org.apache.ranger:ranger | |||
| CVE-2016-10514 | medium | 6.5 | 6.5 | 9y ago | url_check_format in include/functions.inc.php in Piwigo before 2.8.3 allows remote attackers to bypass intended access restrictions via a URL that contains a " character, or a URL beginning with a su… | |||
| CVE-2016-1895 | medium | 6.5 | 6.5 | 9y ago | NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to cause a denial of service via vectors related to unsafe user input string handling. | |||
| CVE-2016-10507 | medium | 6.5 | 6.5 | 9y ago | Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application … | |||
| CVE-2016-10506 | medium | 6.5 | 6.5 | 9y ago | Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (applic… | |||
| CVE-2016-10505 | medium | 6.5 | 6.5 | 9y ago | NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in… | |||
| CVE-2016-2965 | medium | 6.5 | 6.5 | 9y ago | IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious link, a remote a… | |||
| CVE-2016-0356 | medium | 6.5 | 6.5 | 9y ago | IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-… | |||
| CVE-2016-0355 | medium | 6.5 | 6.5 | 9y ago | IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-… | |||
| CVE-2016-7845 | medium | 6.5 | 6.5 | 9y ago | GigaCC OFFICE ver.2.3 and earlier allows remote attackers to upload arbitrary files as a user profile image, which may be exploited for unauthorized file sharing. | |||
| CVE-2016-9717 | medium | 6.5 | 6.5 | 9y ago | HTTP Parameter Override is identified in the IBM Infosphere Master Data Management (MDM) 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 product. It enables attackers by exposing the presence of duplicated pa… | |||
| CVE-2016-6312 | medium | 6.5 | 6.5 | 9y ago | The mod_dontdothat component of the mod_dav_svn Apache module in Subversion as packaged in Red Hat Enterprise Linux 5.11 does not properly detect recursion during entity expansion, which allows remot… | |||
| CVE-2016-9982 | medium | 6.5 | 6.5 | 9y ago | IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information such as account lists due to improper access control. IBM X-Force ID: 120274. | |||
| CVE-2016-10364 | medium | 6.5 | 6.5 | 9y ago | With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those se… | |||
| CVE-2016-8219 | medium | 6.5 | 6.5 | 9y ago | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI-release versions prior to 1.12.0. A user with the SpaceAuditor role is over-privileged with the ability t… | |||
| CVE-2016-7826 | medium | 6.5 | 6.5 | 9y ago | Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests. | |||
| CVE-2016-7825 | medium | 6.5 | 6.5 | 9y ago | Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands. | |||
| CVE-2016-7821 | medium | 6.5 | 6.5 | 9y ago | Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors. | |||
| CVE-2016-7802 | medium | 6.5 | 6.5 | 9y ago | Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to read arbitrary files via unspecified vectors. | |||
| CVE-2016-3019 | medium | 6.5 | 6.5 | 9y ago | IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 114462. | |||
| CVE-2016-0254 | medium | 6.5 | 6.5 | 9y ago | IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote authenticated attacker c… | |||
| CVE-2016-5004 | medium | 6.5 | 6.5 | 9y ago | ws-xmlrpc DoS Vulnerability | |||
| CVE-2016-3077 | medium | 6.5 | 6.5 | 9y ago | The VersionMapper.fromKernelVersionString method in oVirt Engine allows remote authenticated users to cause a denial of service (process crash) for all VMs. | |||
| CVE-2016-3066 | medium | 6.5 | 6.5 | 9y ago | The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard. | |||
| CVE-2016-2192 | medium | 6.5 | 6.5 | 9y ago | PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for types they do not own. | |||
| CVE-2016-0767 | medium | 6.5 | 6.5 | 9y ago | PostgreSQL PL/Java Improper Privilege Management | |||
| CVE-2016-2165 | medium | 6.5 | 6.5 | 9y ago | The Loggregator Traffic Controller endpoints in cf-release v231 and lower, Pivotal Elastic Runtime versions prior to 1.5.19 AND 1.6.x versions prior to 1.6.20 are not cleansing request URL paths when… | |||
| CVE-2016-9750 | medium | 6.5 | 6.5 | 9y ago | IBM QRadar 7.2 and 7.3 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 120207. | |||
| CVE-2016-2126 | medium | 6.5 | 6.5 | 9y ago | Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the w… | |||
| CVE-2016-3114 | medium | 6.5 | 6.5 | 9y ago | Kallithea before 0.3.2 allows remote authenticated users to edit or delete open pull requests or delete comments by leveraging read access. | |||
| CVE-2016-1194 | medium | 6.5 | 6.5 | 9y ago | Cybozu Garoon before 4.2.1 allows remote attackers to cause a denial of service. | |||
| CVE-2016-3729 | medium | 6.5 | 6.5 | 9y ago | Moodle Improper Access Control | |||
| CVE-2016-7540 | medium | 6.5 | 6.5 | 9y ago | coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (assertion failure) by converting an image to rgf format. | |||
| CVE-2016-7538 | medium | 6.5 | 6.5 | 9y ago | coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. | |||
| CVE-2016-7536 | medium | 6.5 | 6.5 | 9y ago | magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile. | |||
| CVE-2016-7535 | medium | 6.5 | 6.5 | 9y ago | coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file. | |||
| CVE-2016-7534 | medium | 6.5 | 6.5 | 9y ago | The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file. | |||
| CVE-2016-7532 | medium | 6.5 | 6.5 | 9y ago | coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. | |||
| CVE-2016-7530 | medium | 6.5 | 6.5 | 9y ago | The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file. | |||
| CVE-2016-7527 | medium | 6.5 | 6.5 | 9y ago | coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | |||
| CVE-2016-7526 | medium | 6.5 | 6.5 | 9y ago | coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. | |||
| CVE-2016-7525 | medium | 6.5 | 6.5 | 9y ago | Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. | |||
| CVE-2016-7521 | medium | 6.5 | 6.5 | 9y ago | Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. | |||
| CVE-2016-7520 | medium | 6.5 | 6.5 | 9y ago | Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file. | |||
| CVE-2016-7518 | medium | 6.5 | 6.5 | 9y ago | The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file. | |||
| CVE-2016-7517 | medium | 6.5 | 6.5 | 9y ago | The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file. | |||
| CVE-2016-7516 | medium | 6.5 | 6.5 | 9y ago | The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file. | |||
| CVE-2016-7514 | medium | 6.5 | 6.5 | 9y ago | The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. | |||
| CVE-2016-7513 | medium | 6.5 | 6.5 | 9y ago | Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors. | |||
| CVE-2016-5010 | medium | 6.5 | 6.5 | 9y ago | coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file. | |||
| CVE-2016-4843 | medium | 6.5 | 6.5 | 9y ago | Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information. | |||
| CVE-2016-6336 | medium | 6.5 | 6.5 | 9y ago | MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote authenticated users with undelete permissions to bypass intended suppressrevision and deleterevision restriction… | |||
| CVE-2016-7537 | medium | 6.5 | 6.5 | 9y ago | MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file. | |||
| CVE-2016-7533 | medium | 6.5 | 6.5 | 9y ago | The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file. | |||
| CVE-2016-7531 | medium | 6.5 | 6.5 | 9y ago | MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file. | |||
| CVE-2016-7529 | medium | 6.5 | 6.5 | 9y ago | coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file. | |||
| CVE-2016-7528 | medium | 6.5 | 6.5 | 9y ago | The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file. | |||
| CVE-2016-7522 | medium | 6.5 | 6.5 | 9y ago | The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. | |||
| CVE-2016-7519 | medium | 6.5 | 6.5 | 9y ago | The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | |||
| CVE-2016-7515 | medium | 6.5 | 6.5 | 9y ago | The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels. | |||
| CVE-2016-4871 | medium | 6.5 | 6.5 | 9y ago | Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service. | |||
| CVE-2016-4869 | medium | 6.5 | 6.5 | 9y ago | Cybozu Office 9.0.0 to 10.4.0 allow remote attackers to obtain session information via a page where CGI environment variables are displayed. | |||
| CVE-2016-5310 | medium | 5.5 | 6.5 | 9y ago | The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec … | |||
| CVE-2016-5309 | medium | 5.5 | 6.5 | 9y ago | The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec … | |||
| CVE-2016-8925 | medium | 6.5 | 6.5 | 9y ago | IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. IBM X-Force I… | |||
| CVE-2016-4896 | medium | 6.5 | 6.5 | 9y ago | SetsucoCMS all versions does not properly manage sessions, which allows remote attackers to disclose or alter unauthorized information via unspecified vectors. | |||
| CVE-2016-1178 | medium | 6.5 | 6.5 | 9y ago | The session management of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to obtain or modify sensitive data via unspecified vectors. | |||
| CVE-2016-10304 | medium | 6.5 | 6.5 | 9y ago | The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java ob… | |||
| CVE-2016-5059 | medium | 6.5 | 6.5 | 9y ago | OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application. | |||
| CVE-2016-9194 | medium | 6.5 | 6.5 | 9y ago | A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action frame processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a den… | |||
| CVE-2016-10318 | medium | 6.5 | 6.5 | 9y ago | A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign … | |||
| CVE-2016-8802 | medium | 6.5 | 6.5 | 9y ago | The security policy processing module in Huawei Secospace USG6300 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6500 with software V500R001C20SPC100, V500R001C20… | |||
| CVE-2016-8781 | medium | 6.5 | 6.5 | 9y ago | Huawei Secospace USG6300 with software V500R001C20 and V500R001C20SPC200PWE, Secospace USG6500 with software V500R001C20, Secospace USG6600 with software V500R001C20 and V500R001C20SPC200PWE allow re… | |||
| CVE-2016-8780 | medium | 6.5 | 6.5 | 9y ago | Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive fil… | |||
| CVE-2016-8779 | medium | 6.5 | 6.5 | 9y ago | Huawei FusionAccess with software V100R005C10 and V100R005C20 could allow remote attackers with specific permission to inject a Lightweight Directory Access Protocol (LDAP) operation command into a s… | |||
| CVE-2016-8275 | medium | 6.5 | 6.5 | 9y ago | Huawei AnyOffice V200R006C00 could allow an authenticated, remote attacker to cause the software to deny services by uploading an XML bomb. | |||
| CVE-2016-6177 | medium | 6.5 | 6.5 | 9y ago | The Huawei OceanStor 5800 V300R003C00 has an integer overflow vulnerability. An authenticated attacker may send massive abnormal Network File System (NFS) packets, causing an anomaly in specific disk… | |||
| CVE-2016-9266 | medium | 6.5 | 6.5 | 9y ago | listmp3.c in libming 0.4.7 allows remote attackers to unspecified impact via a crafted mp3 file, which triggers an invalid left shift. | |||
| CVE-2016-9168 | medium | 6.5 | 6.5 | 9y ago | A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory before 9.0.2 could be used by remote attackers for clickjacking. | |||
| CVE-2016-5755 | medium | 6.5 | 6.5 | 9y ago | NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to clickjacking attacks due to a missing SAMEORIGIN filter in the "high encryption" setting. | |||
| CVE-2016-1603 | medium | 6.5 | 6.5 | 9y ago | An information leak in the NetIQ IDM ServiceNow Driver before 1.0.0.1 could expose cryptographic attributes to logged-in users. | |||
| CVE-2016-4931 | medium | 6.5 | 6.5 | 9y ago | XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service. | |||
| CVE-2016-10214 | medium | 6.5 | 6.5 | 9y ago | Memory leak in the virgl_resource_attach_backing function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_… | |||
| CVE-2016-10163 | medium | 6.5 | 6.5 | 9y ago | Memory leak in the vrend_renderer_context_create_internal function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) b… | |||
| CVE-2016-8005 | medium | 6.5 | 6.5 | 9y ago | File extension filtering vulnerability in Intel Security McAfee Email Gateway (MEG) before 7.6.404h1128596 allows attackers to fail to identify the file name properly via scanning an email with a for… | |||
| CVE-2016-9729 | medium | 6.5 | 6.5 | 9y ago | IBM QRadar 7.2 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM Reference #: 1999545. | |||
| CVE-2016-8971 | medium | 6.5 | 6.5 | 9y ago | IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IB… | |||
| CVE-2016-10061 | medium | 6.5 | 6.5 | 9y ago | The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) … | |||
| CVE-2016-6884 | medium | 6.5 | 6.5 | 9y ago | TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL before 3.8.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted message. | |||
| CVE-2016-10060 | medium | 6.5 | 6.5 | 9y ago | The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of serv… | |||
| CVE-2016-9559 | medium | 6.5 | 6.5 | 9y ago | coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image. | |||
| CVE-2016-8508 | medium | 6.5 | 6.5 | 9y ago | Yandex Browser for desktop before 17.1.1.227 does not show Protect (similar to Safebrowsing in Chromium) warnings in web-sites with special content-type, which could be used by remote attacker for pr… | |||
| CVE-2016-8507 | medium | 6.5 | 6.5 | 9y ago | Yandex Browser for iOS before 16.10.0.2357 does not properly restrict processing of facetime:// URLs, which allows remote attackers to initiate facetime-call without user's approval and obtain video … | |||
| CVE-2016-9818 | medium | 6.5 | 6.5 | 9y ago | Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP. |