CVE-2016-8747
- EPSS 2.95%
- Veröffentlicht 14.03.2017 09:59:00
- Zuletzt bearbeitet 16.04.2026 21:06:47
An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations. Http11InputBuffer.java allows remote attackers to read data that was intended to be associated with a different...
CVE-2016-10165
- EPSS 0.87%
- Veröffentlicht 03.02.2017 19:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
CVE-2015-8960
- EPSS 0.33%
- Veröffentlicht 21.09.2016 02:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a clien...
- EPSS 93.49%
- Veröffentlicht 21.04.2016 11:00:21
- Zuletzt bearbeitet 22.04.2026 13:41:41
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.