CVEs from 2016
Total
8,452
critical
critical 1,165
high
high 3,521
medium
medium 3,172
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-8690 | medium | 5.5 | 5.5 | 9y ago | The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo comm… | |||
| CVE-2016-8688 | medium | 5.5 | 5.5 | 9y ago | The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which trig… | |||
| CVE-2016-6832 | medium | 5.5 | 5.5 | 9y ago | Heap-based buffer overflow in the ff_audio_resample function in resample.c in libav before 11.4 allows remote attackers to cause a denial of service (crash) via vectors related to buffer resizing. | |||
| CVE-2016-9354 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in Moxa DACenter Versions 1.4 and older. A specially crafted project file may cause the program to crash because of Uncontrolled Resource Consumption. | |||
| CVE-2016-4546 | medium | 5.5 | 5.5 | 9y ago | Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. | |||
| CVE-2016-10198 | medium | 5.5 | 5.5 | 9y ago | The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and … | |||
| CVE-2016-0203 | medium | 5.5 | 5.5 | 9y ago | A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual … | |||
| CVE-2016-3020 | medium | 5.5 | 5.5 | 9y ago | IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation. By persuading a victim to open specia… | |||
| CVE-2016-9532 | medium | 5.5 | 5.5 | 9y ago | Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tif file. | |||
| CVE-2016-5102 | medium | 5.5 | 5.5 | 9y ago | Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file. | |||
| CVE-2016-10154 | medium | 5.5 | 5.5 | 9y ago | The smbhash function in fs/cifs/smbencrypt.c in the Linux kernel 4.9.x before 4.9.1 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (sys… | |||
| CVE-2016-4797 | medium | 5.5 | 5.5 | 10y ago | Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE:… | |||
| CVE-2016-4796 | medium | 5.5 | 5.5 | 10y ago | Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file. | |||
| CVE-2016-3183 | medium | 5.5 | 5.5 | 10y ago | The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file. | |||
| CVE-2016-9642 | medium | 5.5 | 5.5 | 10y ago | JavaScriptCore in WebKit allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file. | |||
| CVE-2016-9082 | medium | 5.5 | 5.5 | 10y ago | Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file. | |||
| CVE-2016-8569 | medium | 5.5 | 5.5 | 10y ago | The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file. | |||
| CVE-2016-8568 | medium | 5.5 | 5.5 | 10y ago | The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. | |||
| CVE-2016-6163 | medium | 5.5 | 5.5 | 10y ago | The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file. | |||
| CVE-2016-5241 | medium | 5.5 | 5.5 | 10y ago | magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file. | |||
| CVE-2016-5115 | medium | 5.5 | 5.5 | 10y ago | The avcodec_decode_audio4 function in libavcodec in libavformat 57.34.103, as used in MPlayer, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file. | |||
| CVE-2016-4571 | medium | 5.5 | 5.5 | 10y ago | The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. | |||
| CVE-2016-4570 | medium | 5.5 | 5.5 | 10y ago | The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. | |||
| CVE-2016-4352 | medium | 5.5 | 5.5 | 10y ago | Integer overflow in the demuxer function in libmpdemux/demux_gif.c in Mplayer allows remote attackers to cause a denial of service (crash) via large dimensions in a gif file. | |||
| CVE-2016-2318 | medium | 5.5 | 5.5 | 10y ago | GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartEle… | |||
| CVE-2016-2317 | medium | 5.5 | 5.5 | 10y ago | Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) G… | |||
| CVE-2016-6238 | medium | 5.5 | 5.5 | 10y ago | The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds read) via a crafted jpeg file. | |||
| CVE-2016-6237 | medium | 5.5 | 5.5 | 10y ago | The build_huffcodes function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds write) via a crafted jpeg file. | |||
| CVE-2016-6236 | medium | 5.5 | 5.5 | 10y ago | The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg file. | |||
| CVE-2016-6235 | medium | 5.5 | 5.5 | 10y ago | The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (segmentation fault) via a crafted jpeg file. | |||
| CVE-2016-6234 | medium | 5.5 | 5.5 | 10y ago | The process_file function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (crash) via a crafted jpeg file. | |||
| CVE-2016-8963 | medium | 5.5 | 5.5 | 10y ago | IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user. | |||
| CVE-2016-2941 | medium | 5.5 | 5.5 | 10y ago | IBM UrbanCode Deploy creates temporary files during step execution that could contain sensitive information including passwords that could be read by a local user. | |||
| CVE-2016-8967 | medium | 5.5 | 5.5 | 10y ago | IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear text which can be read by a local user. | |||
| CVE-2016-0371 | medium | 5.5 | 5.5 | 10y ago | The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled. | |||
| CVE-2016-8981 | medium | 5.5 | 5.5 | 10y ago | IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system. | |||
| CVE-2016-8697 | medium | 5.5 | 5.5 | 10y ago | The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted BMP image. | |||
| CVE-2016-8696 | medium | 5.5 | 5.5 | 10y ago | The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulne… | |||
| CVE-2016-8695 | medium | 5.5 | 5.5 | 10y ago | The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulne… | |||
| CVE-2016-8694 | medium | 5.5 | 5.5 | 10y ago | The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulne… | |||
| CVE-2016-8685 | medium | 5.5 | 5.5 | 10y ago | The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted BMP image. | |||
| CVE-2016-9039 | medium | 5.5 | 5.5 | 10y ago | An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An at… | |||
| CVE-2016-5434 | medium | 5.5 | 5.5 | 10y ago | libalpm, as used in pacman 5.0.1, allows remote attackers to cause a denial of service (infinite loop or out-of-bounds read) via a crafted signature file. | |||
| CVE-2016-5026 | medium | 5.5 | 5.5 | 10y ago | hs.py in OnionShare before 0.9.1 allows local users to modify the hiddenservice by pre-creating the /tmp/onionshare directory. | |||
| CVE-2016-9298 | medium | 5.5 | 5.5 | 10y ago | Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted im… | |||
| CVE-2016-7569 | medium | 5.5 | 5.5 | 10y ago | Directory traversal vulnerability in docker2aci before 0.13.0 allows remote attackers to write to arbitrary files via a .. (dot dot) in the embedded layer data in an image. | |||
| CVE-2016-5825 | medium | 5.5 | 5.5 | 10y ago | The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file. | |||
| CVE-2016-5824 | medium | 5.5 | 5.5 | 10y ago | libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. | |||
| CVE-2016-5823 | medium | 5.5 | 5.5 | 10y ago | The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. | |||
| CVE-2016-3996 | medium | 5.5 | 5.5 | 10y ago | ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application. | |||
| CVE-2016-1920 | medium | 5.5 | 5.5 | 10y ago | Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service. | |||
| CVE-2016-9317 | medium | 5.5 | 5.5 | 10y ago | The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image. | |||
| CVE-2016-6911 | medium | 5.5 | 5.5 | 10y ago | The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image. | |||
| CVE-2016-10025 | medium | 5.5 | 5.5 | 10y ago | VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging … | |||
| CVE-2016-9401 | medium | 5.5 | 5.5 | 10y ago | popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. | |||
| CVE-2016-7410 | medium | 5.5 | 5.5 | 10y ago | The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 20160613 allows attackers to cause a denial of service (buffer over-read) via a crafted file. | |||
| CVE-2016-10147 | medium | 5.5 | 5.5 | 10y ago | crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm… | |||
| CVE-2016-9278 | medium | 5.5 | 5.5 | 10y ago | The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. The Samsung ID is SVE… | |||
| CVE-2016-9273 | medium | 5.5 | 5.5 | 10y ago | tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode. | |||
| CVE-2016-7906 | medium | 5.5 | 5.5 | 10y ago | magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file. | |||
| CVE-2016-9810 | medium | 5.5 | 5.5 | 10y ago | The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) v… | |||
| CVE-2016-9807 | medium | 5.5 | 5.5 | 10y ago | The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file. | |||
| CVE-2016-8883 | medium | 5.5 | 5.5 | 10y ago | The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | |||
| CVE-2016-8882 | medium | 5.5 | 5.5 | 10y ago | The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. | |||
| CVE-2016-8467 | medium | 5.5 | 5.5 | 10y ago | An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent … | |||
| CVE-2016-10135 | medium | 5.5 | 5.5 | 10y ago | An issue was discovered on LG devices using the MTK chipset with L(5.0/5.1), M(6.0/6.0.1), and N(7.0) software, and RCA Voyager Tablet, BLU Advance 5.0, and BLU R1 HD devices. The MTKLogger app with … | |||
| CVE-2016-8463 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to … | |||
| CVE-2016-8462 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access … | |||
| CVE-2016-8461 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access … | |||
| CVE-2016-8460 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it c… | |||
| CVE-2016-8400 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the NVIDIA librm library (libnvrm) could enable a local malicious application to access data outside of its permission levels. This issue is rated as Modera… | |||
| CVE-2016-8397 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it c… | |||
| CVE-2016-8396 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the MediaTek video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it… | |||
| CVE-2016-6773 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the ih264d decoder in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderat… | |||
| CVE-2016-6767 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remot… | |||
| CVE-2016-6766 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability in libmedia and libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High … | |||
| CVE-2016-6765 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the po… | |||
| CVE-2016-6764 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remot… | |||
| CVE-2016-6763 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability in Telephony could enable a local malicious application to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the poss… | |||
| CVE-2016-9869 | medium | 5.5 | 5.5 | 10y ago | An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorrect permissions on the SCINI driver may allow a low-privileged local attacker to modify the configuration and render the ScaleIO … | |||
| CVE-2016-9868 | medium | 5.5 | 5.5 | 10y ago | An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which … | |||
| CVE-2016-4329 | medium | 5.5 | 5.5 | 10y ago | A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. Sending certain unhandled window messages, an attacker can cause ap… | |||
| CVE-2016-4307 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel dr… | |||
| CVE-2016-4306 | medium | 5.5 | 5.5 | 10y ago | Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memor… | |||
| CVE-2016-4305 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability exists in the syscall filtering functionality of Kaspersky Internet Security KLIF driver. A specially crafted native api call can cause a access violation in KLIF ke… | |||
| CVE-2016-4304 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. A specially crafted native api call request can cause a access violatio… | |||
| CVE-2016-9776 | medium | 5.5 | 5.5 | 10y ago | QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A pri… | |||
| CVE-2016-2198 | medium | 5.5 | 5.5 | 10y ago | QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registe… | |||
| CVE-2016-2197 | medium | 5.5 | 5.5 | 10y ago | QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure (FIS) and Command List B… | |||
| CVE-2016-1981 | medium | 5.5 | 5.5 | 10y ago | QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the in… | |||
| CVE-2016-1922 | medium | 5.5 | 5.5 | 10y ago | QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp i… | |||
| CVE-2016-5329 | medium | 5.5 | 5.5 | 10y ago | VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecif… | |||
| CVE-2016-5328 | medium | 5.5 | 5.5 | 10y ago | VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism v… | |||
| CVE-2016-9756 | medium | 5.5 | 5.5 | 10y ago | arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel st… | |||
| CVE-2016-9685 | medium | 5.5 | 5.5 | 10y ago | Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operatio… | |||
| CVE-2016-9588 | medium | 5.5 | 5.5 | 10y ago | arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception… | |||
| CVE-2016-9923 | medium | 5.5 | 5.5 | 10y ago | Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could… | |||
| CVE-2016-6910 | medium | 5.5 | 5.5 | 10y ago | The non-existent notification listener vulnerability was introduced in the initial Android 5.0.2 builds for the Samsung Galaxy S6 Edge devices, but the vulnerability can persist on the device even af… | |||
| CVE-2016-9561 | medium | 5.5 | 5.5 | 10y ago | The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service (allocation of huge memory, and being killed by the OS) via a cr… | |||
| CVE-2016-8595 | medium | 5.5 | 5.5 | 10y ago | The gsm_parse function in libavcodec/gsm_parser.c in FFmpeg before 3.1.5 allows remote attackers to cause a denial of service (assert fault) via a crafted AVI file. |