CVE-2017-5645
- EPSS 89.04%
- Veröffentlicht 17.04.2017 21:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
CVE-2016-4459
- EPSS 2.67%
- Veröffentlicht 12.04.2017 20:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.
CVE-2015-2877
- EPSS 0.94%
- Veröffentlicht 03.03.2017 11:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection...
CVE-2016-2568
- EPSS 0.35%
- Veröffentlicht 13.02.2017 18:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
CVE-2016-3616
- EPSS 4.39%
- Veröffentlicht 13.02.2017 18:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
CVE-2016-7091
- EPSS 0.4%
- Veröffentlicht 22.12.2016 21:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted ...
CVE-2016-9675
- EPSS 1.9%
- Veröffentlicht 22.12.2016 21:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.
- EPSS 83.52%
- Veröffentlicht 10.11.2016 21:59:00
- Zuletzt bearbeitet 21.04.2026 17:43:46
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in Oc...
CVE-2016-1000033
- EPSS 0.85%
- Veröffentlicht 25.10.2016 14:29:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.
- EPSS 67.73%
- Veröffentlicht 20.09.2016 18:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow loc...