Latest CVE Feed
-
7.8
HIGHCVE-2016-7381
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a user input to index an array is... Read more
- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
7.8
HIGHCVE-2016-5852
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enab... Read more
Affected Products : geforce_experience geforce_gt_710 geforce_gt_730 geforce_gtx_1050 geforce_gtx_1060 geforce_gtx_1070 geforce_gtx_1080 quadro_m1000m quadro_m2000 quadro_m2000m +30 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
6.6
MEDIUMCVE-2016-5025
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.... Read more
Affected Products : gpu_driver geforce_gt_710 geforce_gt_730 geforce_gtx_1050 geforce_gtx_1060 geforce_gtx_1070 geforce_gtx_1080 quadro_m1000m quadro_m2000 quadro_m2000m +30 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-4961
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.... Read more
Affected Products : geforce_experience geforce_gt_710 geforce_gt_730 geforce_gtx_1050 geforce_gtx_1060 geforce_gtx_1070 geforce_gtx_1080 quadro_m1000m quadro_m2000 quadro_m2000m +30 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
7.3
HIGHCVE-2016-4960
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.... Read more
Affected Products : geforce_experience geforce_gt_710 geforce_gt_730 geforce_gtx_1050 geforce_gtx_1060 geforce_gtx_1070 geforce_gtx_1080 quadro_m1000m quadro_m2000 quadro_m2000m +30 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
7.8
HIGHCVE-2016-4959
For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.... Read more
Affected Products : gpu_driver geforce_gt_710 geforce_gt_730 geforce_gtx_1050 geforce_gtx_1060 geforce_gtx_1070 geforce_gtx_1080 quadro_m1000m quadro_m2000 quadro_m2000m +30 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
7.8
HIGHCVE-2016-3161
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enab... Read more
Affected Products : geforce_experience geforce_gt_710 geforce_gt_730 geforce_gtx_1050 geforce_gtx_1060 geforce_gtx_1070 geforce_gtx_1080 quadro_m1000m quadro_m2000 quadro_m2000m +30 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-7865
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-7864
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-7863
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player mac_os_x +3 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-7862
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-7861
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-7860
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-7859
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-7858
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-7857
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player +4 more products- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
6.1
MEDIUMCVE-2016-7851
Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. This vulnerability could be exploited in cross-site scripting attacks.... Read more
Affected Products : connect- Published: Nov. 08, 2016
- Modified: Apr. 12, 2025
-
8.8
HIGHCVE-2016-9242
Multiple SQL injection vulnerabilities in the update method in framework/modules/core/controllers/expRatingController.php in Exponent CMS 2.4.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) content_type or (2) subtype para... Read more
Affected Products : exponent_cms- Published: Nov. 07, 2016
- Modified: Apr. 12, 2025
-
6.8
MEDIUMCVE-2016-9111
Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4.5 allow an attacker to bypass the authentication requirement by leveraging physical access to a VDI for temporary disconnection of a LAN cable. NOTE: as of 20161208, the vendor could no... Read more
Affected Products : receiver_desktop- Published: Nov. 07, 2016
- Modified: Apr. 12, 2025
-
6.0
MEDIUMCVE-2016-8910
The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.... Read more
- Published: Nov. 04, 2016
- Modified: Apr. 12, 2025