Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.
Max CVSS
9.8
EPSS Score
0.25%
Published
2017-01-27
Updated
2018-01-05
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.
Max CVSS
9.8
EPSS Score
0.25%
Published
2017-01-27
Updated
2018-01-05
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.
Max CVSS
9.8
EPSS Score
0.25%
Published
2017-01-27
Updated
2018-01-05
The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.
Max CVSS
5.5
EPSS Score
0.05%
Published
2016-10-13
Updated
2023-09-12
SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
Max CVSS
8.8
EPSS Score
0.04%
Published
2017-01-19
Updated
2018-01-05
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
Max CVSS
5.5
EPSS Score
1.00%
Published
2016-09-21
Updated
2019-12-27
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.
Max CVSS
4.9
EPSS Score
0.04%
Published
2016-12-22
Updated
2016-12-23
SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.52%
Published
2017-06-08
Updated
2017-06-16
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.
Max CVSS
7.5
EPSS Score
0.37%
Published
2017-04-14
Updated
2020-11-16
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
Max CVSS
6.5
EPSS Score
0.64%
Published
2016-09-21
Updated
2019-12-27
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
Max CVSS
7.5
EPSS Score
0.12%
Published
2016-09-21
Updated
2019-12-27
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the default Access Control Instructions.
Max CVSS
7.5
EPSS Score
0.23%
Published
2017-06-08
Updated
2023-02-12
firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-04-19
Updated
2017-04-25
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords.
Max CVSS
9.8
EPSS Score
0.65%
Published
2017-06-08
Updated
2023-02-12
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.
Max CVSS
8.1
EPSS Score
94.82%
Published
2016-07-19
Updated
2023-02-12
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects.
Max CVSS
7.5
EPSS Score
0.34%
Published
2017-06-08
Updated
2023-09-18
setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445.
Max CVSS
7.0
EPSS Score
0.04%
Published
2017-04-11
Updated
2017-04-17
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
Max CVSS
7.5
EPSS Score
0.81%
Published
2016-09-21
Updated
2019-12-27
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.
Max CVSS
5.5
EPSS Score
0.05%
Published
2016-06-27
Updated
2023-02-12
The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories.
Max CVSS
3.3
EPSS Score
0.04%
Published
2017-04-14
Updated
2023-02-12
The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.
Max CVSS
7.0
EPSS Score
0.04%
Published
2017-04-11
Updated
2017-04-17
The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.
Max CVSS
7.0
EPSS Score
0.04%
Published
2017-04-11
Updated
2017-04-17
The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.
Max CVSS
7.0
EPSS Score
0.04%
Published
2017-04-11
Updated
2017-04-17
Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
Max CVSS
7.8
EPSS Score
1.26%
Published
2016-09-21
Updated
2017-11-04
Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.
Max CVSS
7.8
EPSS Score
1.06%
Published
2016-09-21
Updated
2017-11-04
145 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!