CVE-2016-4578
- EPSS 0.13%
- Veröffentlicht 23.05.2016 10:59:09
- Zuletzt bearbeitet 12.04.2025 10:46:40
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_t...
CVE-2016-1840
- EPSS 2.14%
- Veröffentlicht 20.05.2016 10:59:54
- Zuletzt bearbeitet 12.04.2025 10:46:40
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause...
CVE-2016-1839
- EPSS 10.77%
- Veröffentlicht 20.05.2016 10:59:53
- Zuletzt bearbeitet 12.04.2025 10:46:40
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a craft...
CVE-2016-1838
- EPSS 10.65%
- Veröffentlicht 20.05.2016 10:59:52
- Zuletzt bearbeitet 12.04.2025 10:46:40
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-...
CVE-2016-1837
- EPSS 0.79%
- Veröffentlicht 20.05.2016 10:59:51
- Zuletzt bearbeitet 12.04.2025 10:46:40
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remot...
CVE-2016-1836
- EPSS 1.15%
- Veröffentlicht 20.05.2016 10:59:50
- Zuletzt bearbeitet 12.04.2025 10:46:40
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via ...
CVE-2016-1834
- EPSS 2.37%
- Veröffentlicht 20.05.2016 10:59:48
- Zuletzt bearbeitet 04.12.2025 18:15:49
Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2016-1833
- EPSS 1.21%
- Veröffentlicht 20.05.2016 10:59:47
- Zuletzt bearbeitet 12.04.2025 10:46:40
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafte...
CVE-2016-3627
- EPSS 0.29%
- Veröffentlicht 17.05.2016 14:08:02
- Zuletzt bearbeitet 04.12.2025 17:15:48
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML doc...
CVE-2015-4643
- EPSS 8.66%
- Veröffentlicht 16.05.2016 10:59:15
- Zuletzt bearbeitet 12.04.2025 10:46:40
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer ov...