CVE-2016-8605
- EPSS 2.79%
- Veröffentlicht 12.01.2017 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mod...
CVE-2016-8606
- EPSS 4.09%
- Veröffentlicht 12.01.2017 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack.
CVE-2016-2312
- EPSS 0.44%
- Veröffentlicht 23.12.2016 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again.
CVE-2016-7966
- EPSS 2.35%
- Veröffentlicht 23.12.2016 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which gre...
CVE-2016-2334
- EPSS 14.74%
- Veröffentlicht 13.12.2016 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.
CVE-2016-7953
- EPSS 3.32%
- Veröffentlicht 13.12.2016 20:59:20
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.
CVE-2016-7952
- EPSS 2.29%
- Veröffentlicht 13.12.2016 20:59:19
- Zuletzt bearbeitet 06.05.2026 22:30:45
X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data.
CVE-2016-7951
- EPSS 2.44%
- Veröffentlicht 13.12.2016 20:59:18
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks.
CVE-2016-7950
- EPSS 2.72%
- Veröffentlicht 13.12.2016 20:59:16
- Zuletzt bearbeitet 06.05.2026 22:30:45
The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.
CVE-2016-7949
- EPSS 3.72%
- Veröffentlicht 13.12.2016 20:59:15
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.