Oracle

Linux

225 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2016-2794

  • EPSS 1.8%
  • Published 13.03.2016 18:59:33
  • Last modified 12.04.2025 10:46:40

The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have...

8.8

CVE-2016-2793

  • EPSS 0.79%
  • Published 13.03.2016 18:59:32
  • Last modified 12.04.2025 10:46:40

CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphi...

8.8

CVE-2016-2792

  • EPSS 0.79%
  • Published 13.03.2016 18:59:31
  • Last modified 12.04.2025 10:46:40

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecifie...

8.8

CVE-2016-2791

  • EPSS 0.79%
  • Published 13.03.2016 18:59:30
  • Last modified 12.04.2025 10:46:40

The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other ...

8.8

CVE-2016-2790

  • EPSS 0.79%
  • Published 13.03.2016 18:59:29
  • Last modified 12.04.2025 10:46:40

The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a ...

8.8

CVE-2016-1977

  • EPSS 0.96%
  • Published 13.03.2016 18:59:26
  • Last modified 12.04.2025 10:46:40

The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory c...

8.8

CVE-2016-1974

  • EPSS 0.68%
  • Published 13.03.2016 18:59:23
  • Last modified 12.04.2025 10:46:40

The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-o...

8.8

CVE-2016-1973

  • EPSS 0.84%
  • Published 13.03.2016 18:59:22
  • Last modified 12.04.2025 10:46:40

Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 45.0 might allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via unspecified vectors.

8.8

CVE-2016-1966

  • EPSS 1.01%
  • Published 13.03.2016 18:59:15
  • Last modified 12.04.2025 10:46:40

The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereferenc...

4.3

CVE-2016-1965

  • EPSS 0.44%
  • Published 13.03.2016 18:59:14
  • Last modified 12.04.2025 10:46:40

Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.prot...