CVE-2016-9843
- EPSS 5.95%
- Veröffentlicht 23.05.2017 04:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2017-9117
- EPSS 2.22%
- Veröffentlicht 21.05.2017 19:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: me...
CVE-2017-9058
- EPSS 1.54%
- Veröffentlicht 18.05.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.
CVE-2017-8831
- EPSS 0.37%
- Veröffentlicht 08.05.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain se...
CVE-2017-6519
- EPSS 3.08%
- Veröffentlicht 01.05.2017 01:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leaka...
CVE-2017-7645
- EPSS 5.91%
- Veröffentlicht 18.04.2017 14:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.
CVE-2017-7889
- EPSS 0.31%
- Veröffentlicht 17.04.2017 00:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access re...
CVE-2016-0727
- EPSS 1.25%
- Veröffentlicht 14.04.2017 18:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users wi...
CVE-2016-6489
- EPSS 5.01%
- Veröffentlicht 14.04.2017 18:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.
CVE-2015-8567
- EPSS 5.56%
- Veröffentlicht 13.04.2017 17:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).