Export limit exceeded: 366753 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366753 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10707 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-3960 3 Fedoraproject, Oracle, Xen 3 Fedora, Vm Server, Xen 2025-04-12 N/A
Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping.
CVE-2016-3990 3 Libtiff, Oracle, Redhat 3 Libtiff, Vm Server, Enterprise Linux 2025-04-12 N/A
Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp.
CVE-2016-3991 3 Libtiff, Oracle, Redhat 3 Libtiff, Vm Server, Enterprise Linux 2025-04-12 N/A
Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles.
CVE-2016-4053 4 Canonical, Oracle, Redhat and 1 more 4 Ubuntu Linux, Linux, Enterprise Linux and 1 more 2025-04-12 N/A
Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
CVE-2016-4054 4 Canonical, Oracle, Redhat and 1 more 4 Ubuntu Linux, Linux, Enterprise Linux and 1 more 2025-04-12 N/A
Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.
CVE-2016-4447 9 Apple, Canonical, Debian and 6 more 14 Iphone Os, Itunes, Mac Os X and 11 more 2025-04-12 N/A
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
CVE-2016-4448 9 Apple, Hp, Mcafee and 6 more 22 Icloud, Iphone Os, Itunes and 19 more 2025-04-12 9.8 Critical
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
CVE-2016-4480 2 Oracle, Xen 2 Vm Server, Xen 2025-04-12 N/A
The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory.
CVE-2016-4805 5 Canonical, Linux, Novell and 2 more 12 Ubuntu Linux, Linux Kernel, Opensuse Leap and 9 more 2025-04-12 7.8 High
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.
CVE-2016-4809 3 Libarchive, Oracle, Redhat 10 Libarchive, Linux, Enterprise Linux and 7 more 2025-04-12 N/A
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
CVE-2016-4951 3 Canonical, Linux, Oracle 3 Ubuntu Linux, Linux Kernel, Linux 2025-04-12 7.8 High
The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel through 4.6 does not verify socket existence, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a dumpit operation.
CVE-2016-4953 5 Ntp, Opensuse, Oracle and 2 more 15 Ntp, Leap, Opensuse and 12 more 2025-04-12 7.5 High
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.
CVE-2016-4954 5 Ntp, Opensuse, Oracle and 2 more 15 Ntp, Leap, Opensuse and 12 more 2025-04-12 7.5 High
The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.
CVE-2016-4955 6 Novell, Ntp, Opensuse and 3 more 11 Suse Manager, Ntp, Leap and 8 more 2025-04-12 5.9 Medium
ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
CVE-2016-4956 6 Novell, Ntp, Opensuse and 3 more 11 Suse Manager, Ntp, Leap and 8 more 2025-04-12 5.3 Medium
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.
CVE-2016-4971 5 Canonical, Gnu, Oracle and 2 more 5 Ubuntu Linux, Wget, Solaris and 2 more 2025-04-12 8.8 High
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
CVE-2016-5118 8 Canonical, Debian, Graphicsmagick and 5 more 15 Ubuntu Linux, Debian Linux, Graphicsmagick and 12 more 2025-04-12 9.8 Critical
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
CVE-2016-5126 5 Canonical, Debian, Oracle and 2 more 13 Ubuntu Linux, Debian Linux, Linux and 10 more 2025-04-12 7.8 High
Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.
CVE-2016-5252 3 Mozilla, Oracle, Redhat 3 Firefox, Linux, Enterprise Linux 2025-04-12 N/A
Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations.
CVE-2016-5254 3 Mozilla, Oracle, Redhat 3 Firefox, Linux, Enterprise Linux 2025-04-12 N/A
Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items.