- EPSS 0.44%
- Veröffentlicht 23.05.2016 19:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CV...
CVE-2016-4001
- EPSS 4.9%
- Veröffentlicht 23.05.2016 19:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large pac...
CVE-2016-3959
- EPSS 4.34%
- Veröffentlicht 23.05.2016 19:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted pub...
CVE-2016-4482
- EPSS 0.55%
- Veröffentlicht 23.05.2016 10:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTIN...
CVE-2016-4544
- EPSS 6.69%
- Veröffentlicht 22.05.2016 01:59:29
- Zuletzt bearbeitet 06.05.2026 22:30:45
The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly h...
CVE-2016-4543
- EPSS 12.18%
- Veröffentlicht 22.05.2016 01:59:28
- Zuletzt bearbeitet 06.05.2026 22:30:45
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have uns...
CVE-2016-4542
- EPSS 6.06%
- Veröffentlicht 22.05.2016 01:59:27
- Zuletzt bearbeitet 06.05.2026 22:30:45
The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or po...
CVE-2016-4541
- EPSS 6.23%
- Veröffentlicht 22.05.2016 01:59:26
- Zuletzt bearbeitet 06.05.2026 22:30:45
The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact vi...
CVE-2016-4540
- EPSS 6.23%
- Veröffentlicht 22.05.2016 01:59:24
- Zuletzt bearbeitet 06.05.2026 22:30:45
The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact v...
CVE-2016-4539
- EPSS 6.23%
- Veröffentlicht 22.05.2016 01:59:23
- Zuletzt bearbeitet 06.05.2026 22:30:45
The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other imp...