Latest CVE Feed
-
7.8
HIGH CVE-2016-4349
Untrusted search path vulnerability in Cisco WebEx Productivity Tools 2.40.5001.10012 allows local users to gain privileges via a Trojan horse cryptsp.dll, dwmapi.dll, msimg32.dll, ntmarta.dll, propsys.dll, riched20.dll, rpcrtremote.dll, secur32.dll, sxs....
Affected Products: webex_productivity_tools
- Published: Apr. 28, 2016
- Modified: Apr. 12, 2025
-
7.4
HIGH CVE-2016-1389
Open redirect vulnerability in Cisco WebEx Meetings Server (CWMS) 2.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuy44695....
Affected Products: webex_meetings_server
- Published: Apr. 28, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGH CVE-2016-1386
The API in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0(1) allows remote attackers to spoof administrative notifications via crafted attribute-value pairs, aka Bug ID CSCux15521....
Affected Products: application_policy_infrastructure_controller_enterprise_module
- Published: Apr. 28, 2016
- Modified: Apr. 12, 2025
-
6.1
MEDIUM CVE-2016-1205
Cross-site scripting (XSS) vulnerability in the shiro8 (1) category_freearea_addition_plugin plugin 1.0 and (2) itemdetail_freearea_addition_plugin plugin 1.0 for EC-CUBE allows remote attackers to inject arbitrary web script or HTML via unspecified vec...
- Published: Apr. 28, 2016
- Modified: Apr. 12, 2025
-
4.3
MEDIUM CVE-2016-0211
IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA message....
- Published: Apr. 28, 2016
- Modified: Apr. 12, 2025
-
7.8
HIGH CVE-2016-3672
The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and by...
Affected Products: linux_kernel ubuntu_linux suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_real_time_extension suse_linux_enterprise_live_patching suse_linux_enterprise_module_for_public_cloud suse_linux_enterprise_workstation_extension
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUM CVE-2016-3156
The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses....
Affected Products: linux_kernel ubuntu_linux suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_real_time_extension suse_linux_enterprise_debuginfo suse_linux_enterprise_live_patching suse_linux_enterprise_module_for_public_cloud suse_linux_enterprise_workstation_extension
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
4.9
MEDIUM CVE-2016-3139
The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descr...
Affected Products: linux_kernel suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_real_time_extension suse_linux_enterprise_debuginfo suse_linux_enterprise_live_patching suse_linux_enterprise_module_for_public_cloud suse_linux_enterprise_workstation_extension
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
7.8
HIGH CVE-2016-3135
Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE se...
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
8.4
HIGH CVE-2016-3134
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call....
Affected Products: linux_kernel suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_real_time_extension suse_linux_enterprise_debuginfo suse_linux_enterprise_live_patching suse_linux_enterprise_module_for_public_cloud suse_linux_enterprise_workstation_extension
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
6.2
MEDIUM CVE-2016-2847
fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes....
Affected Products: linux_kernel suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_real_time_extension suse_linux_enterprise_debuginfo suse_linux_enterprise_live_patching suse_linux_enterprise_module_for_public_cloud suse_linux_enterprise_workstation_extension
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
4.9
MEDIUM CVE-2016-2782
The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a U...
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUM CVE-2016-2550
The Linux kernel before 4.5 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by leveraging incorrect tracking of descriptor ownership and sending each descriptor over a UNIX socket before closing it. N...
Affected Products: linux_kernel
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
6.2
MEDIUM CVE-2016-2549
sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a denial of service (deadlock) via a crafted ioctl call....
Affected Products: linux_kernel
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
6.2
MEDIUM CVE-2016-2548
sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_t...
Affected Products: linux_kernel
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
5.1
MEDIUM CVE-2016-2547
sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call....
Affected Products: linux_kernel
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
5.1
MEDIUM CVE-2016-2546
sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call....
Affected Products: linux_kernel
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
5.1
MEDIUM CVE-2016-2545
The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service (race condition and system crash) via a crafted ioctl call....
Affected Products: linux_kernel
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
5.1
MEDIUM CVE-2016-2544
Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time....
Affected Products: linux_kernel
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025
-
6.2
MEDIUM CVE-2016-2543
The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service (NULL pointer dereferen...
Affected Products: linux_kernel
- Published: Apr. 27, 2016
- Modified: Apr. 12, 2025