Vulnerabilities (CVE)

CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-6289 1 Php 1 Php 2018-01-05 6.8 MEDIUM 7.8 HIGH
Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_cwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted extract operation on a ZIP archive.
CVE-2016-7549 1 Google 1 Chrome 2018-01-05 6.8 MEDIUM 8.8 HIGH
Google Chrome before 53.0.2785.113 does not ensure that the recipient of a certain IPC message is a valid RenderFrame or RenderWidget, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) or possibly have unspecified other impact by leveraging access to a renderer process, related to render_frame_host_impl.cc and render_widget_host_impl.cc, as demonstrated by a Password Manager message.
CVE-2016-7910 1 Linux 1 Linux Kernel 2018-01-05 9.3 HIGH 7.8 HIGH
Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.
CVE-2016-9576 1 Linux 1 Linux Kernel 2018-01-05 7.2 HIGH 7.8 HIGH
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.
CVE-2017-10983 1 Freeradius 1 Freeradius 2018-01-05 5.0 MEDIUM 7.5 HIGH
An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service.
CVE-2016-5423 2 Debian, Postgresql 2 Debian Linux, Postgresql 2018-01-05 6.5 MEDIUM 8.3 HIGH
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types.
CVE-2016-5424 2 Debian, Postgresql 2 Debian Linux, Postgresql 2018-01-05 4.6 MEDIUM 7.1 HIGH
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation.
CVE-2016-9083 1 Linux 1 Linux Kernel 2018-01-05 7.2 HIGH 7.8 HIGH
drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a "state machine confusion bug."
CVE-2016-9177 1 Sparkjava 1 Spark 2018-01-05 5.0 MEDIUM 7.5 HIGH
Directory traversal vulnerability in Spark 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
CVE-2017-7486 1 Postgresql 1 Postgresql 2018-01-05 5.0 MEDIUM 7.5 HIGH
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.
CVE-2017-7187 1 Linux 1 Linux Kernel 2018-01-05 7.2 HIGH 7.8 HIGH
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.
CVE-2017-5099 3 Debian, Google, Linux 3 Debian Linux, Chrome, Linux Kernel 2018-01-05 6.8 MEDIUM 8.8 HIGH
Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to potentially gain privilege elevation via a crafted HTML page.
CVE-2017-5032 2 Google, Microsoft 2 Chrome, Windows 2018-01-05 6.8 MEDIUM 8.8 HIGH
PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made to increment off the end of a buffer, which allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2017-5097 3 Debian, Google, Linux 3 Debian Linux, Chrome, Linux Kernel 2018-01-05 6.8 MEDIUM 8.8 HIGH
Insufficient validation of untrusted input in Skia in Google Chrome prior to 60.0.3112.78 for Linux allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5034 3 Google, Linux, Microsoft 3 Chrome, Linux Kernel, Windows 2018-01-05 6.8 MEDIUM 8.8 HIGH
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
CVE-2017-5074 2 Google, Microsoft 2 Chrome, Windows 2018-01-05 5.4 MEDIUM 8.0 HIGH
A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, related to Bluetooth.
CVE-2017-5495 1 Quagga 1 Quagga 2018-01-05 7.8 HIGH 7.5 HIGH
All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are configured with their telnet CLI enabled, anyone who can connect to the TCP ports can trigger this vulnerability, prior to authentication. Most distributions restrict the Quagga telnet interface to local access only by default. The Quagga telnet interface 'vty' input buffer grows automatically, without bound, so long as a newline is not entered. This allows an attacker to cause the Quagga daemon to allocate unbounded memory by sending very long strings without a newline. Eventually the daemon is terminated by the system, or the system itself runs out of memory. This is fixed in Quagga 1.1.1 and Free Range Routing (FRR) Protocol Suite 2017-01-10.
CVE-2017-5843 1 Gstreamer Project 1 Gstreamer 2018-01-05 5.0 MEDIUM 7.5 HIGH
Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.
CVE-2017-5080 3 Google, Linux, Microsoft 3 Chrome, Linux Kernel, Windows 2018-01-05 6.8 MEDIUM 8.8 HIGH
A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5092 3 Debian, Google, Microsoft 3 Debian Linux, Chrome, Windows 2018-01-05 6.8 MEDIUM 8.8 HIGH
Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2016-5652 1 Libtiff 1 Libtiff 2018-01-05 6.8 MEDIUM 7.0 HIGH
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.
CVE-2016-7130 1 Php 1 Php 2018-01-05 5.0 MEDIUM 7.5 HIGH
The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document.
CVE-2016-7125 1 Php 1 Php 2018-01-05 5.0 MEDIUM 7.5 HIGH
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection.
CVE-2016-5767 2 Libgd, Php 2 Libgd, Php 2018-01-05 6.8 MEDIUM 8.8 HIGH
Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.
CVE-2016-8602 1 Artifex 1 Ghostscript 2018-01-05 6.8 MEDIUM 7.8 HIGH
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.
CVE-2016-5546 1 Oracle 3 Jdk, Jre, Jrockit 2018-01-05 5.0 MEDIUM 7.5 HIGH
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Integrity impacts).
CVE-2016-7401 3 Canonical, Debian, Djangoproject 3 Ubuntu Linux, Debian Linux, Django 2018-01-05 5.0 MEDIUM 7.5 HIGH
The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.
CVE-2016-5183 1 Google 1 Chrome 2018-01-05 6.8 MEDIUM 8.8 HIGH
A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files.
CVE-2016-5170 1 Google 1 Chrome 2018-01-05 6.8 MEDIUM 8.8 HIGH
WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not properly consider getter side effects during array key conversion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Indexed Database (aka IndexedDB) API calls.
CVE-2016-5171 1 Google 1 Chrome 2018-01-05 6.8 MEDIUM 8.8 HIGH
WebKit/Source/bindings/templates/interface.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not prevent certain constructor calls, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2016-5173 1 Google 1 Chrome 2018-01-05 6.8 MEDIUM 7.1 HIGH
The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access to Object.prototype, which allows remote attackers to load unintended resources, and consequently trigger unintended JavaScript function calls and bypass the Same Origin Policy via an indirect interception attack.
CVE-2015-8917 3 Canonical, Debian, Libarchive 3 Ubuntu Linux, Debian Linux, Libarchive 2018-01-05 5.0 MEDIUM 7.5 HIGH
bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.
CVE-2015-8879 1 Php 1 Php 2018-01-05 5.0 MEDIUM 7.5 HIGH
The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table.
CVE-2015-8877 2 Libgd, Php 2 Libgd, Php 2018-01-05 5.0 MEDIUM 7.5 HIGH
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.
CVE-2016-5175 1 Google 1 Chrome 2018-01-05 6.8 MEDIUM 8.8 HIGH
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.113 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-3699 2 Linux, Redhat 3 Linux Kernel, Enterprise Mrg, Linux 2018-01-05 6.9 MEDIUM 7.4 HIGH
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.
CVE-2016-2069 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2018-01-05 4.4 MEDIUM 7.4 HIGH
Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU.
CVE-2016-4794 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2018-01-05 7.2 HIGH 7.8 HIGH
Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service (BUG) or possibly have unspecified other impact via crafted use of the mmap and bpf system calls.
CVE-2016-5182 1 Google 1 Chrome 2018-01-05 6.8 MEDIUM 8.8 HIGH
Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages.
CVE-2016-5184 1 Google 1 Chrome 2018-01-05 6.8 MEDIUM 8.8 HIGH
PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFL_FormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files.
CVE-2016-5185 1 Google 1 Chrome 2018-01-05 6.8 MEDIUM 8.8 HIGH
Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly allowed reentrance of FrameView::updateLifecyclePhasesInternal(), which allowed a remote attacker to perform an out of bounds memory read via crafted HTML pages.
CVE-2016-4475 1 Theforeman 1 Foreman 2018-01-05 6.5 MEDIUM 8.8 HIGH
The (1) Organization and (2) Locations APIs and UIs in Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3 allow remote authenticated users to bypass organization and location restrictions and (a) read, (b) edit, or (c) delete arbitrary organizations or locations via unspecified vectors.
CVE-2016-3112 1 Pulpproject 1 Pulp 2018-01-05 5.0 MEDIUM 7.5 HIGH
client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as world-readable, which allows remote authenticated users to obtain the consumer private keys and escalate privileges by reading /etc/pki/pulp/consumer/consumer-cert, and authenticating as a consumer user.
CVE-2016-3108 1 Pulpproject 1 Pulp 2018-01-05 3.6 LOW 7.1 HIGH
The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or write to arbitrary files via a symlink attack.
CVE-2016-4271 5 Adobe, Apple, Google and 2 more 7 Flash Player, Mac Os X, Chrome Os and 4 more 2018-01-05 5.0 MEDIUM 7.5 HIGH
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and CVE-2016-4278, aka a "local-with-filesystem Flash sandbox bypass" issue.
CVE-2016-4277 5 Adobe, Apple, Google and 2 more 7 Flash Player, Mac Os X, Chrome Os and 4 more 2018-01-05 5.0 MEDIUM 7.5 HIGH
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4278.
CVE-2016-1541 1 Libarchive 1 Libarchive 2018-01-05 6.8 MEDIUM 8.8 HIGH
Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.
CVE-2016-2117 3 Canonical, Linux, Oracle 3 Ubuntu Linux, Linux Kernel, Vm Server 2018-01-05 5.0 MEDIUM 7.5 HIGH
The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.
CVE-2016-10002 2 Debian, Squid-cache 2 Debian Linux, Squid 2018-01-05 5.0 MEDIUM 7.5 HIGH
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.
CVE-2016-10088 1 Linux 1 Linux Kernel 2018-01-05 6.9 MEDIUM 7.0 HIGH
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.