CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Canonical : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-4558 DoS 2016-05-23 2016-08-02
6.9
None Local Medium Not required Complete Complete Complete
The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted application on (1) a system with more than 32 Gb of memory, related to the program reference count or (2) a 1 Tb system, related to the map reference count.
2 CVE-2016-4324 20 Exec Code 2016-07-08 2016-07-12
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens.
3 CVE-2016-4054 119 Exec Code Overflow 2016-04-25 2016-06-21
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.
4 CVE-2016-4052 119 DoS Exec Code Overflow 2016-04-25 2016-08-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses.
5 CVE-2016-4051 119 DoS Exec Code Overflow 2016-04-25 2016-08-15
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data.
6 CVE-2016-4002 119 DoS Exec Code Overflow Mem. Corr. 2016-04-26 2016-06-21
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes.
7 CVE-2016-3982 119 DoS Exec Code Overflow 2016-04-13 2016-08-01
6.8
None Remote Medium Not required Partial Partial Partial
Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer overflow.
8 CVE-2016-3698 284 DoS 2016-06-13 2016-06-14
6.8
None Remote Medium Not required Partial Partial Partial
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.
9 CVE-2016-2828 Exec Code 2016-06-13 2016-07-26
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after destruction of the texture's recycle pool.
10 CVE-2016-2821 DoS Exec Code Mem. Corr. 2016-06-13 2016-07-26
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering deletion of DOM elements that were created in the editor.
11 CVE-2016-2819 119 Exec Code Overflow 2016-06-13 2016-07-26
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.
12 CVE-2016-2818 119 DoS Exec Code Overflow Mem. Corr. 2016-06-13 2016-08-17
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
13 CVE-2016-2815 119 DoS Exec Code Overflow Mem. Corr. 2016-06-13 2016-08-01
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
14 CVE-2016-2330 119 DoS Overflow 2016-02-12 2016-05-25
6.8
None Remote Medium Not required Partial Partial Partial
libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .tga file, related to the gif_image_write_image, gif_encode_init, and gif_encode_close functions.
15 CVE-2016-2326 119 DoS Overflow 2016-02-12 2016-05-25
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file.
16 CVE-2016-2118 254 2016-04-12 2016-07-07
6.8
None Remote Medium Not required Partial Partial Partial
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."
17 CVE-2016-1840 119 DoS Exec Code Overflow Mem. Corr. 2016-05-20 2016-07-27
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
18 CVE-2016-1839 119 DoS Overflow 2016-05-20 2016-07-27
6.8
None Remote Medium Not required Partial Partial Partial
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
19 CVE-2016-1838 119 DoS Overflow 2016-05-20 2016-07-27
6.8
None Remote Medium Not required Partial Partial Partial
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
20 CVE-2016-1837 119 DoS Overflow 2016-05-20 2016-07-27
6.8
None Remote Medium Not required Partial Partial Partial
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a crafted XML document.
21 CVE-2016-1836 119 DoS Overflow 2016-05-20 2016-07-27
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document.
22 CVE-2016-1835 119 DoS Overflow 2016-05-20 2016-07-27
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.
23 CVE-2016-1834 119 DoS Exec Code Overflow Mem. Corr. 2016-05-20 2016-07-27
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
24 CVE-2016-1833 119 DoS Overflow 2016-05-20 2016-07-27
6.8
None Remote Medium Not required Partial Partial Partial
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
25 CVE-2016-1703 DoS 2016-06-05 2016-07-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
26 CVE-2016-1697 284 Bypass 2016-06-05 2016-07-29
6.8
None Remote Medium Not required Partial Partial Partial
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
27 CVE-2016-1695 DoS 2016-06-05 2016-08-02
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
28 CVE-2016-1680 119 DoS Overflow Mem. Corr. 2016-06-05 2016-08-02
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors.
29 CVE-2016-1679 DoS 2016-06-05 2016-08-02
6.8
None Remote Medium Not required Partial Partial Partial
The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code.
30 CVE-2016-1678 119 DoS Overflow 2016-06-05 2016-08-02
6.8
None Remote Medium Not required Partial Partial Partial
objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.
31 CVE-2016-1675 284 Bypass 2016-06-05 2016-08-02
6.8
None Remote Medium Not required Partial Partial Partial
Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp.
32 CVE-2016-1673 Bypass 2016-06-05 2016-08-02
6.8
None Remote Medium Not required Partial Partial Partial
Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
33 CVE-2016-1655 DoS 2016-04-18 2016-07-29
6.8
None Remote Medium Not required Partial Partial Partial
Google Chrome before 50.0.2661.75 does not properly consider that frame removal may occur during callback execution, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted extension.
34 CVE-2016-1577 DoS Exec Code 2016-04-13 2016-04-14
6.8
None Remote Medium Not required Partial Partial Partial
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137.
35 CVE-2016-0763 264 DoS Bypass 2016-02-24 2016-08-22
6.5
None Remote Low Single system Partial Partial Partial
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context.
36 CVE-2016-0714 264 Exec Code Bypass 2016-02-24 2016-08-22
6.5
None Remote Low Single system Partial Partial Partial
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session.
37 CVE-2016-0505 2016-01-20 2016-07-28
6.8
None Remote Low Single system None None Complete
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options.
38 CVE-2016-0504 2016-01-20 2016-06-07
6.8
None Remote Low Single system None None Complete
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0503.
39 CVE-2015-8365 119 DoS Overflow 2015-11-26 2016-06-28
6.8
None Remote Medium Not required Partial Partial Partial
The smka_decode_frame function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Smacker data.
40 CVE-2015-8364 189 DoS Overflow 2015-11-26 2016-05-27
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified other impact via crafted image dimensions in Indeo Video Interactive data.
41 CVE-2015-8241 119 DoS Overflow +Info 2015-12-15 2016-08-19
6.4
None Remote Low Not required Partial None Partial
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
42 CVE-2015-7869 189 DoS Overflow +Priv +Info 2015-11-24 2016-08-25
6.6
None Local Medium Not required Complete Partial Complete
Multiple integer overflows in the kernel mode driver for the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows and R304 before 304.131, R340 before 340.96, R352 before 352.63, and R358 before 358.16 on Linux allow local users to obtain sensitive information, cause a denial of service (crash), or possibly gain privileges via unknown vectors, which trigger uninitialized or out of bounds memory access. NOTE: this identifier has been SPLIT per ADT2 and ADT3 due to different vulnerability type and affected versions. See CVE-2015-8328 for the vulnerability in the NVAPI support layer in NVIDIA drivers for Windows.
43 CVE-2015-7696 119 DoS Exec Code Overflow 2015-11-06 2015-11-09
6.8
None Remote Medium Not required Partial Partial Partial
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.
44 CVE-2015-7674 189 DoS Exec Code Overflow 2015-10-26 2016-06-28
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.
45 CVE-2015-7547 119 DoS Exec Code Overflow 2016-02-18 2016-08-23
6.8
None Remote Medium Not required Partial Partial Partial
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
46 CVE-2015-5351 352 Bypass CSRF 2016-02-24 2016-08-22
6.8
None Remote Medium Not required Partial Partial Partial
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token.
47 CVE-2015-5346 2016-02-24 2016-08-22
6.8
None Remote Medium Not required Partial Partial Partial
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.
48 CVE-2015-5214 119 DoS Exec Code Overflow Mem. Corr. 2015-11-10 2015-11-12
6.8
None Remote Medium Not required Partial Partial Partial
LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.
49 CVE-2015-5213 189 DoS Exec Code Overflow Mem. Corr. 2015-11-10 2015-11-12
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.
50 CVE-2015-5212 189 DoS Exec Code Mem. Corr. 2015-11-10 2015-11-12
6.8
None Remote Medium Not required Partial Partial Partial
Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document.
Total number of vulnerabilities : 107   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.