Latest CVE Feed
- CVE-2016-5828 (7.8 HIGH)
The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and s...
- Affected Products: linux_kernel ubuntu_linux debian_linux suse_linux_enterprise_real_time_extension
- EPSS Score: 0.11%
- Published: Jun. 27, 2016
- Modified: Apr. 12, 2025
- CVE-2016-5728 (6.3 MEDIUM)
Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and ...
- EPSS Score: 0.01%
- Published: Jun. 27, 2016
- Modified: Apr. 12, 2025
- CVE-2016-5244 (7.5 HIGH)
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
- Affected Products: linux_kernel enterprise_linux fedora linux_enterprise_server suse_linux_enterprise_server linux_enterprise_desktop linux_enterprise_debuginfo linux_enterprise_workstation_extension linux_enterprise_real_time_extension suse_linux_enterprise_software_development_kit +1 more products
- EPSS Score: 0.64%
- Published: Jun. 27, 2016
- Modified: Apr. 12, 2025
- CVE-2016-5243 (5.5 MEDIUM)
The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
- Affected Products: linux_kernel
- EPSS Score: 0.04%
- Published: Jun. 27, 2016
- Modified: Apr. 12, 2025
- CVE-2016-4470 (5.5 MEDIUM)
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted ke...
- EPSS Score: 0.06%
- Published: Jun. 27, 2016
- Modified: Apr. 12, 2025
- CVE-2016-4440 (7.8 HIGH)
arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary c...
- Affected Products: linux_kernel
- EPSS Score: 0.16%
- Published: Jun. 27, 2016
- Modified: Apr. 12, 2025
- CVE-2016-3949 (7.8 HIGH)
Siemens SIMATIC S7-300 Profinet-enabled CPU devices with firmware before 3.2.12 and SIMATIC S7-300 Profinet-disabled CPU devices with firmware before 3.3.12 allow remote attackers to cause a denial of service (defect-mode transition) via crafted (1) ISO-T...
- EPSS Score: 4.86%
- Published: Jun. 27, 2016
- Modified: Apr. 12, 2025
- CVE-2016-3713 (7.1 HIGH)
The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of se...
- Affected Products: linux_kernel
- EPSS Score: 0.06%
- Published: Jun. 27, 2016
- Modified: Apr. 12, 2025
- CVE-2016-3707 (8.1 HIGH)
The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to...
- EPSS Score: 1.79%
- Published: Jun. 27, 2016
- Modified: Apr. 12, 2025
- CVE-2016-1583 (7.8 HIGH)
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, lea...
- Affected Products: linux_kernel ubuntu_linux debian_linux suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_debuginfo suse_linux_enterprise_live_patching suse_linux_enterprise_module_for_public_cloud suse_linux_enterprise_workstation_extension
- EPSS Score: 0.30%
- Published: Jun. 27, 2016
- Modified: Apr. 12, 2025
- CVE-2016-0758 (7.8 HIGH)
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
- EPSS Score: 0.20%
- Published: Jun. 27, 2016
- Modified: Apr. 12, 2025
- CVE-2014-9904 (7.8 HIGH)
The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory alloca...
- EPSS Score: 0.09%
- Published: Jun. 27, 2016
- Modified: Apr. 12, 2025
- CVE-2014-9903 (5.5 MEDIUM)
The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memory via a crafted sched_getattr system call.
- Affected Products: linux_kernel
- EPSS Score: 0.05%
- Published: Jun. 27, 2016
- Modified: Apr. 12, 2025
- CVE-2016-0301 (7.8 HIGH)
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-02...
- Affected Products: domino
- EPSS Score: 1.92%
- Published: Jun. 26, 2016
- Modified: Apr. 12, 2025
- CVE-2016-0279 (7.8 HIGH)
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-02...
- Affected Products: domino
- EPSS Score: 1.86%
- Published: Jun. 26, 2016
- Modified: Apr. 12, 2025
- CVE-2016-0278 (7.8 HIGH)
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-02...
- Affected Products: domino
- EPSS Score: 1.94%
- Published: Jun. 26, 2016
- Modified: Apr. 12, 2025
- CVE-2016-0277 (7.8 HIGH)
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0278, CVE-2016-02...
- Affected Products: domino
- EPSS Score: 1.86%
- Published: Jun. 26, 2016
- Modified: Apr. 12, 2025
- CVE-2016-0259 (2.5 LOW)
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp authority requirement and obtain sensitive information via unspecified display commands.
- Affected Products: websphere_mq
- EPSS Score: 0.04%
- Published: Jun. 26, 2016
- Modified: Apr. 12, 2025
- CVE-2015-7473 (2.5 LOW)
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue-manager command access restrictions by leveraging authority for +connect and +dsp.
- Affected Products: websphere_mq
- EPSS Score: 0.05%
- Published: Jun. 26, 2016
- Modified: Apr. 12, 2025
- CVE-2016-5087 (4.4 MEDIUM)
Alertus Desktop Notification before 2.9.31.1710 on OS X uses weak permissions for configuration files and unspecified other files, which allows local users to suppress emergency notifications or change content via standard filesystem operations.
- Affected Products: alertus_desktop_notification_for_os_x
- EPSS Score: 0.08%
- Published: Jun. 26, 2016
- Modified: Apr. 12, 2025