CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Fedoraproject » Fedora : Security Vulnerabilities Published In 2016

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-9014 264 2016-12-09 2017-11-03
6.8
None Remote Medium Not required Partial Partial Partial
Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.
2 CVE-2016-9013 798 2016-12-09 2017-11-03
7.5
None Remote Low Not required Partial Partial Partial
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually specify a password in the database settings TEST dictionary.
3 CVE-2016-7966 94 2016-12-23 2016-12-27
7.5
None Remote Low Not required Partial Partial Partial
Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTML functionality. Although it is possible to include an HTML comment indicator to hide content.
4 CVE-2016-7953 119 Overflow 2016-12-13 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.
5 CVE-2016-7952 20 DoS 2016-12-13 2016-12-14
5.0
None Remote Low Not required None None Partial
X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data.
6 CVE-2016-7951 125 Overflow 2016-12-13 2016-12-14
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks.
7 CVE-2016-7950 787 2016-12-13 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.
8 CVE-2016-7949 787 Overflow 2016-12-13 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.
9 CVE-2016-7948 787 2016-12-13 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.
10 CVE-2016-7947 787 Overflow 2016-12-13 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.
11 CVE-2016-7946 284 DoS 2016-12-13 2017-06-30
5.0
None Remote Low Not required None None Partial
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
12 CVE-2016-7945 125 DoS Overflow 2016-12-13 2017-06-30
5.0
None Remote Low Not required None None Partial
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
13 CVE-2016-7944 190 Overflow +Priv 2016-12-13 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.
14 CVE-2016-7943 787 +Priv 2016-12-13 2018-09-13
7.5
None Remote Low Not required Partial Partial Partial
The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.
15 CVE-2016-7942 787 +Priv 2016-12-13 2018-09-13
7.5
None Remote Low Not required Partial Partial Partial
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.
16 CVE-2016-7405 89 Sql 2016-10-03 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting.
17 CVE-2016-7167 190 Overflow 2016-10-07 2018-10-16
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow.
18 CVE-2016-7163 125 Exec Code Overflow 2016-09-21 2018-01-04
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
19 CVE-2016-6855 787 DoS 2016-09-07 2017-09-02
5.0
None Remote Low Not required None None Partial
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
20 CVE-2016-6515 20 DoS 2016-08-07 2018-09-11
7.8
None Remote Low Not required None None Complete
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
21 CVE-2016-6494 200 +Info 2016-10-03 2017-11-28
2.1
None Local Low Not required Partial None None
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.
22 CVE-2016-6323 284 DoS 2016-10-07 2017-06-30
5.0
None Remote Low Not required None None Partial
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation.
23 CVE-2016-6185 284 Exec Code 2016-08-02 2018-05-01
4.6
None Local Low Not required Partial Partial Partial
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.
24 CVE-2016-6153 20 DoS +Info 2016-09-26 2017-11-02
4.6
None Local Low Not required Partial Partial Partial
os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.
25 CVE-2016-5766 190 DoS Overflow 2016-08-07 2018-01-04
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.
26 CVE-2016-5407 125 2016-12-13 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.
27 CVE-2016-5404 284 2016-09-07 2016-11-28
4.0
None Remote Low Single system None None Partial
The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission.
28 CVE-2016-5387 284 2016-07-18 2018-01-18
5.1
None Remote High Not required Partial Partial Partial
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.
29 CVE-2016-5386 284 2016-07-18 2017-08-24
6.8
None Remote Medium Not required Partial Partial Partial
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
30 CVE-2016-5385 284 2016-07-18 2018-01-18
5.1
None Remote High Not required Partial Partial Partial
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.
31 CVE-2016-5384 415 Exec Code 2016-08-12 2017-01-17
4.6
None Local Low Not required Partial Partial Partial
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
32 CVE-2016-5244 200 +Info 2016-06-27 2018-10-17
5.0
None Remote Low Not required Partial None None
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
33 CVE-2016-5157 119 Exec Code Overflow 2016-09-11 2017-11-05
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data.
34 CVE-2016-4544 119 DoS Overflow 2016-05-21 2018-01-04
7.5
None Remote Low Not required Partial Partial Partial
The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
35 CVE-2016-4543 119 DoS Overflow 2016-05-21 2018-01-04
7.5
None Remote Low Not required Partial Partial Partial
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
36 CVE-2016-4542 119 DoS Overflow 2016-05-21 2018-01-04
7.5
None Remote Low Not required Partial Partial Partial
The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
37 CVE-2016-4541 DoS 2016-05-21 2018-01-04
7.5
None Remote Low Not required Partial Partial Partial
The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.
38 CVE-2016-4540 DoS 2016-05-21 2018-01-04
7.5
None Remote Low Not required Partial Partial Partial
The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.
39 CVE-2016-4539 119 DoS Overflow 2016-05-21 2018-01-04
7.5
None Remote Low Not required Partial Partial Partial
The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero.
40 CVE-2016-4538 20 DoS 2016-05-21 2018-01-04
7.5
None Remote Low Not required Partial Partial Partial
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.
41 CVE-2016-4537 20 DoS 2016-05-21 2018-01-04
7.5
None Remote Low Not required Partial Partial Partial
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.
42 CVE-2016-4482 200 +Info 2016-05-23 2016-11-28
2.1
None Local Low Not required Partial None None
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.
43 CVE-2016-4414 DoS 2016-06-13 2016-06-15
5.0
None Remote Low Not required None None Partial
The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.
44 CVE-2016-4037 20 DoS 2016-05-23 2016-11-28
4.9
None Local Low Not required None None Complete
The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.
45 CVE-2016-4021 399 DoS 2016-05-26 2016-06-15
7.8
None Remote Low Not required None None Complete
The read_binary function in buffer.c in pgpdump before 0.30 allows context-dependent attackers to cause a denial of service (infinite loop and CPU consumption) via crafted input, as demonstrated by the \xa3\x03 string.
46 CVE-2016-4008 399 DoS 2016-05-05 2017-06-30
4.3
None Remote Medium Not required None None Partial
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.
47 CVE-2016-4002 119 DoS Exec Code Overflow Mem. Corr. 2016-04-26 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes.
48 CVE-2016-4001 20 DoS Overflow 2016-05-23 2017-06-30
4.3
None Remote Medium Not required None None Partial
Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large packet.
49 CVE-2016-3960 264 DoS Overflow +Priv 2016-04-19 2016-12-02
7.2
None Local Low Not required Complete Complete Complete
Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping.
50 CVE-2016-3959 20 DoS 2016-05-23 2018-08-13
5.0
None Remote Low Not required None None Partial
The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted public key to a program that uses HTTPS client certificates or SSH server libraries.
Total number of vulnerabilities : 121   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.