CVE-2016-3075
- EPSS 7.63%
- Veröffentlicht 01.06.2016 20:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.
CVE-2016-0718
- EPSS 13.8%
- Veröffentlicht 26.05.2016 16:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
CVE-2016-4020
- EPSS 0.37%
- Veröffentlicht 25.05.2016 15:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).
- EPSS 0.44%
- Veröffentlicht 23.05.2016 19:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CV...
CVE-2016-4001
- EPSS 4.9%
- Veröffentlicht 23.05.2016 19:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large pac...
CVE-2016-4951
- EPSS 0.52%
- Veröffentlicht 23.05.2016 10:59:15
- Zuletzt bearbeitet 06.05.2026 22:30:45
The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel through 4.6 does not verify socket existence, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other...
CVE-2016-4913
- EPSS 0.51%
- Veröffentlicht 23.05.2016 10:59:14
- Zuletzt bearbeitet 06.05.2026 22:30:45
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have...
CVE-2016-4805
- EPSS 0.48%
- Veröffentlicht 23.05.2016 10:59:13
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a n...
CVE-2016-4794
- EPSS 0.49%
- Veröffentlicht 23.05.2016 10:59:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service (BUG) or possibly have unspecified other impact via crafted use of the mmap and bpf system calls.
CVE-2016-4581
- EPSS 0.55%
- Veröffentlicht 23.05.2016 10:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series ...