Apache : Security Vulnerabilities, CVEs, Published In 2016 (Overflow) CVSS score >= 3

CVE-2016-5017

Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string.
Max CVSS
8.1
EPSS Score
0.91%
Published
2016-09-21
Updated
2021-11-17

CVE-2016-4463

Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.
Max CVSS
7.5
EPSS Score
0.75%
Published
2016-07-08
Updated
2023-02-12

CVE-2015-5343

Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.
Max CVSS
8.0
EPSS Score
94.96%
Published
2016-04-14
Updated
2019-02-12

CVE-2015-5259

Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.
Max CVSS
9.0
EPSS Score
94.36%
Published
2016-01-08
Updated
2017-07-01
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close