CVE-2015-4643
- EPSS 8.66%
- Published 16.05.2016 10:59:15
- Last modified 06.05.2026 22:30:45
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer ov...
CVE-2016-3710
- EPSS 0.07%
- Published 11.05.2016 21:59:01
- Last modified 06.05.2026 22:30:45
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Port...
CVE-2016-4556
- EPSS 56.86%
- Published 10.05.2016 19:59:03
- Last modified 06.05.2026 22:30:45
Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
CVE-2016-4555
- EPSS 62.84%
- Published 10.05.2016 19:59:02
- Last modified 06.05.2026 22:30:45
client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.
CVE-2016-4554
- EPSS 68.86%
- Published 10.05.2016 19:59:01
- Last modified 06.05.2026 22:30:45
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
CVE-2016-4553
- EPSS 82.84%
- Published 10.05.2016 19:59:00
- Last modified 06.05.2026 22:30:45
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.
CVE-2016-3718
- EPSS 86.94%
- Published 05.05.2016 18:59:08
- Last modified 22.04.2026 14:35:42
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
CVE-2016-3715
- EPSS 89.25%
- Published 05.05.2016 18:59:04
- Last modified 22.04.2026 14:35:10
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
CVE-2016-2143
- EPSS 0.17%
- Published 27.04.2016 17:59:08
- Last modified 06.05.2026 22:30:45
The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted appli...
CVE-2016-4054
- EPSS 79.92%
- Published 25.04.2016 14:59:05
- Last modified 06.05.2026 22:30:45
Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.