- EPSS 0.39%
- Veröffentlicht 04.11.2016 21:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value.
- EPSS 0.39%
- Veröffentlicht 04.11.2016 21:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) by sending an empty string parameter to a 9P o...
- EPSS 0.39%
- Veröffentlicht 04.11.2016 21:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors related to an I/O read operation.
- EPSS 0.39%
- Veröffentlicht 04.11.2016 21:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request...
CVE-2016-9190
- EPSS 2.03%
- Veröffentlicht 04.11.2016 10:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component.
CVE-2016-9189
- EPSS 1.86%
- Veröffentlicht 04.11.2016 10:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.map_buffer in map.c component.
CVE-2016-8864
- EPSS 38.73%
- Veröffentlicht 02.11.2016 17:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive...
CVE-2016-5584
- EPSS 1.49%
- Veröffentlicht 25.10.2016 14:30:54
- Zuletzt bearbeitet 06.05.2026 22:30:45
Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.
- EPSS 24.3%
- Veröffentlicht 10.10.2016 11:00:13
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
CVE-2016-7424
- EPSS 1.54%
- Veröffentlicht 07.10.2016 14:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file.