CVEs from 2016
Total
8,452
critical
critical 1,164
high
high 3,521
medium
medium 3,173
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-7977 | medium | 5.5 | 5.5 | 9y ago | Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript d… | |||
| CVE-2016-10374 | medium | 5.5 | 5.5 | 9y ago | perltidy through 20160302, as used by perlcritic, check-all-the-things, and other software, relies on the current working directory for certain output files and does not have a symlink-attack protect… | |||
| CVE-2016-4839 | medium | 5.5 | 5.5 | 9y ago | The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0… | |||
| CVE-2016-10292 | medium | 5.5 | 5.5 | 9y ago | A denial of service vulnerability in the Qualcomm Wi-Fi driver could enable a proximate attacker to cause a denial of service in the Wi-Fi subsystem. This issue is rated as High due to the possibilit… | |||
| CVE-2016-10371 | medium | 5.5 | 5.5 | 9y ago | The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF f… | |||
| CVE-2016-8916 | medium | 5.5 | 5.5 | 9y ago | IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password information in a log file that could be read by a local user when a set password command is issued. IBM X-Force ID: 118472. | |||
| CVE-2016-10351 | medium | 5.5 | 5.5 | 9y ago | Telegram Desktop 0.10.19 uses 0755 permissions for $HOME/.TelegramDesktop, which allows local users to obtain sensitive authentication information via standard filesystem operations. | |||
| CVE-2016-10350 | medium | 5.5 | 5.5 | 9y ago | The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and applica… | |||
| CVE-2016-10349 | medium | 5.5 | 5.5 | 9y ago | The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | |||
| CVE-2016-7843 | medium | 5.5 | 5.5 | 9y ago | Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files v… | |||
| CVE-2016-7842 | medium | 5.5 | 5.5 | 9y ago | Directory traversal vulnerability in AttacheCase 2.8.2.8 and earlier and 3.2.0.4 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file. | |||
| CVE-2016-3076 | medium | 5.5 | 5.5 | 9y ago | Heap-based buffer overflow in the j2k_encode_entry function in Pillow 2.5.0 through 3.1.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted Jpeg2000 file. | |||
| CVE-2016-6341 | medium | 5.5 | 5.5 | 9y ago | oVirt Engine before 4.0.3 does not include DWH_DB_PASSWORD in the list of keys to hide in log files, which allows local users to obtain sensitive password information by reading engine log files. | |||
| CVE-2016-5410 | medium | 5.5 | 5.5 | 9y ago | firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntr… | |||
| CVE-2016-2036 | medium | 5.5 | 5.5 | 9y ago | The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allow… | |||
| CVE-2016-5322 | medium | 5.5 | 5.5 | 9y ago | The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | |||
| CVE-2016-1517 | medium | 5.5 | 5.5 | 9y ago | Improper Input Validation in OpenCV | |||
| CVE-2016-5349 | medium | 5.5 | 5.5 | 9y ago | The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to le… | |||
| CVE-2016-10220 | medium | 5.5 | 5.5 | 9y ago | The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash)… | |||
| CVE-2016-10219 | medium | 5.5 | 5.5 | 9y ago | The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file. | |||
| CVE-2016-10218 | medium | 5.5 | 5.5 | 9y ago | The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointe… | |||
| CVE-2016-10217 | medium | 5.5 | 5.5 | 9y ago | The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file tha… | |||
| CVE-2016-10209 | medium | 5.5 | 5.5 | 9y ago | The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafte… | |||
| CVE-2016-8758 | medium | 5.5 | 5.5 | 9y ago | ION memory management module in Huawei Mate8 phones with software NXT-AL10C00B561 and earlier versions, NXT-CL10C00B561 and earlier versions, NXT-DL10C00B561 and earlier versions, NXT-TL10C00B561 and… | |||
| CVE-2016-8756 | medium | 5.5 | 5.5 | 9y ago | ION memory management module in Huawei Mate 8 phones with software NXT-AL10C00B197 and earlier versions, NXT-DL10C00B197 and earlier versions, NXT-TL10C00B197 and earlier versions, NXT-CL10C00B197 an… | |||
| CVE-2016-4976 | medium | 5.5 | 5.5 | 9y ago | Apache Ambari reveals administrator passwords | |||
| CVE-2016-8884 | medium | 5.5 | 5.5 | 9y ago | The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP… | |||
| CVE-2016-9922 | medium | 5.5 | 5.5 | 9y ago | The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-z… | |||
| CVE-2016-7474 | medium | 5.5 | 5.5 | 9y ago | In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information. | |||
| CVE-2016-10267 | medium | 5.5 | 5.5 | 9y ago | LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. | |||
| CVE-2016-10266 | medium | 5.5 | 5.5 | 9y ago | LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22. | |||
| CVE-2016-3179 | medium | 5.5 | 5.5 | 9y ago | The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (invalid free and daemon crash) via vectors related to error handling. | |||
| CVE-2016-3178 | medium | 5.5 | 5.5 | 9y ago | The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (out-of-bounds memory access and daemon crash) via vectors involving a negative … | |||
| CVE-2016-9557 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in jas_image.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (application crash) via a crafted file. | |||
| CVE-2016-9556 | medium | 5.5 | 5.5 | 9y ago | The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. | |||
| CVE-2016-9395 | medium | 5.5 | 5.5 | 9y ago | The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | |||
| CVE-2016-9394 | medium | 5.5 | 5.5 | 9y ago | The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | |||
| CVE-2016-9393 | medium | 5.5 | 5.5 | 9y ago | The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | |||
| CVE-2016-9392 | medium | 5.5 | 5.5 | 9y ago | The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | |||
| CVE-2016-9390 | medium | 5.5 | 5.5 | 9y ago | The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. | |||
| CVE-2016-9388 | medium | 5.5 | 5.5 | 9y ago | The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. | |||
| CVE-2016-9265 | medium | 5.5 | 5.5 | 9y ago | The printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file. | |||
| CVE-2016-9264 | medium | 5.5 | 5.5 | 9y ago | Buffer overflow in the printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file. | |||
| CVE-2016-9262 | medium | 5.5 | 5.5 | 9y ago | Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of … | |||
| CVE-2016-9011 | medium | 5.5 | 5.5 | 9y ago | The wmf_malloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (application crash) via a crafted wmf file, which triggers a memory allocation failure. | |||
| CVE-2016-8887 | medium | 5.5 | 5.5 | 9y ago | The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference). | |||
| CVE-2016-8885 | medium | 5.5 | 5.5 | 9y ago | The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a craf… | |||
| CVE-2016-10058 | medium | 5.5 | 5.5 | 9y ago | Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file. | |||
| CVE-2016-10053 | medium | 5.5 | 5.5 | 9y ago | The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file. | |||
| CVE-2016-10047 | medium | 5.5 | 5.5 | 9y ago | Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file. | |||
| CVE-2016-10046 | medium | 5.5 | 5.5 | 9y ago | Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file. | |||
| CVE-2016-10255 | medium | 5.5 | 5.5 | 9y ago | The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header valu… | |||
| CVE-2016-10254 | medium | 5.5 | 5.5 | 9y ago | The allocate_elf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure. | |||
| CVE-2016-5749 | medium | 5.5 | 5.5 | 9y ago | NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML requests with external entity resolution enabled, which could lead to local file disclosure via an XML Extern… | |||
| CVE-2016-5748 | medium | 5.5 | 5.5 | 9y ago | External Entity Processing (XXE) vulnerability in the "risk score" application of NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to disclose the content of local f… | |||
| CVE-2016-10187 | medium | 5.5 | 5.5 | 9y ago | The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript. | |||
| CVE-2016-10247 | medium | 5.5 | 5.5 | 9y ago | Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a cr… | |||
| CVE-2016-10246 | medium | 5.5 | 5.5 | 9y ago | Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted … | |||
| CVE-2016-10167 | medium | 5.5 | 5.5 | 9y ago | The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file. | |||
| CVE-2016-6906 | medium | 5.5 | 5.5 | 9y ago | The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related t… | |||
| CVE-2016-10172 | medium | 5.5 | 5.5 | 9y ago | The read_new_config_info function in open_utils.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. | |||
| CVE-2016-10171 | medium | 5.5 | 5.5 | 9y ago | The unreorder_channels function in cli/wvunpack.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. | |||
| CVE-2016-10170 | medium | 5.5 | 5.5 | 9y ago | The WriteCaffHeader function in cli/caff.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. | |||
| CVE-2016-10169 | medium | 5.5 | 5.5 | 9y ago | The read_code function in read_words.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. | |||
| CVE-2016-9985 | medium | 5.5 | 5.5 | 9y ago | IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be read by a local user. IBM Reference #: 1999671. | |||
| CVE-2016-8483 | medium | 5.5 | 5.5 | 9y ago | An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it… | |||
| CVE-2016-6522 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping… | |||
| CVE-2016-6350 | medium | 5.5 | 5.5 | 9y ago | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9. | |||
| CVE-2016-6247 | medium | 5.5 | 5.5 | 9y ago | OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist. | |||
| CVE-2016-6245 | medium | 5.5 | 5.5 | 9y ago | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a large size in a getdents system call. | |||
| CVE-2016-6243 | medium | 5.5 | 5.5 | 9y ago | thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call. | |||
| CVE-2016-6242 | medium | 5.5 | 5.5 | 9y ago | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call. | |||
| CVE-2016-6239 | medium | 5.5 | 5.5 | 9y ago | The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attackers to cause a denial of service (kernel panic and crash) via a large size value. | |||
| CVE-2016-5315 | medium | 5.5 | 5.5 | 9y ago | The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | |||
| CVE-2016-10040 | medium | 5.5 | 5.5 | 9y ago | Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags. | |||
| CVE-2016-10070 | medium | 5.5 | 5.5 | 9y ago | Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via… | |||
| CVE-2016-10066 | medium | 5.5 | 5.5 | 9y ago | Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file. | |||
| CVE-2016-7409 | medium | 5.5 | 5.5 | 9y ago | The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUG_TRACE, allows local users to read process memory via the -v argument, related to a failed remote ident. | |||
| CVE-2016-10071 | medium | 5.5 | 5.5 | 9y ago | coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file. | |||
| CVE-2016-10069 | medium | 5.5 | 5.5 | 9y ago | coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames. | |||
| CVE-2016-10068 | medium | 5.5 | 5.5 | 9y ago | The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. | |||
| CVE-2016-10062 | medium | 5.5 | 5.5 | 9y ago | The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via… | |||
| CVE-2016-9830 | medium | 5.5 | 5.5 | 9y ago | The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image. | |||
| CVE-2016-9826 | medium | 5.5 | 5.5 | 9y ago | libavcodec/ituh263dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||
| CVE-2016-9825 | medium | 5.5 | 5.5 | 9y ago | libswscale/utils.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||
| CVE-2016-9824 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||
| CVE-2016-9823 | medium | 5.5 | 5.5 | 9y ago | libavcodec/x86/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||
| CVE-2016-9822 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||
| CVE-2016-9821 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||
| CVE-2016-9820 | medium | 5.5 | 5.5 | 9y ago | libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||
| CVE-2016-9819 | medium | 5.5 | 5.5 | 9y ago | libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||
| CVE-2016-10095 | medium | 5.5 | 5.5 | 9y ago | Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c in LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7… | |||
| CVE-2016-5240 | medium | 5.5 | 5.5 | 9y ago | The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a… | |||
| CVE-2016-10029 | medium | 5.5 | 5.5 | 9y ago | The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process… | |||
| CVE-2016-10028 | medium | 5.5 | 5.5 | 9y ago | The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (ou… | |||
| CVE-2016-5027 | medium | 5.5 | 5.5 | 9y ago | dwarf_form.c in libdwarf 20160115 allows remote attackers to cause a denial of service (crash) via a crafted elf file. | |||
| CVE-2016-4493 | medium | 5.5 | 5.5 | 9y ago | The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted b… | |||
| CVE-2016-4491 | medium | 5.5 | 5.5 | 9y ago | The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and… | |||
| CVE-2016-4490 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and in… | |||
| CVE-2016-4489 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtu… |