Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-2037 | 2 Debian, Gnu | 2 Debian Linux, Cpio | 2016-12-06 | 4.3 MEDIUM | 6.5 MEDIUM |
| The cpio_safer_name_suffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted cpio file. | |||||
| CVE-2016-0860 | 1 Advantech | 1 Webaccess | 2016-12-06 | 10.0 HIGH | 7.5 HIGH |
| Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service via a crafted RPC request. | |||||
| CVE-2015-8149 | 1 Symantec | 1 Encryption Management Server | 2016-12-06 | 5.0 MEDIUM | 7.5 HIGH |
| The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted requests. | |||||
| CVE-2015-4059 | 1 Wavelink | 1 Terminal Emulation | 2016-12-06 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the License Server (LicenseServer.exe) in Wavelink Terminal Emulation (TE) allows remote attackers to execute arbitrary code via a large HTTP header. | |||||
| CVE-2015-4060 | 1 Wavelink | 1 Connectpro | 2016-12-06 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the TermProxy (WLTermProxyService.exe) service in Wavelink ConnectPro allows remote attackers to execute arbitrary code via a large HTTP header. | |||||
| CVE-2015-3955 | 1 Hospira | 3 Lifecare Pca3, Lifecare Pca5, Lifecare Pcainfusion Firmware | 2016-12-06 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Hospira LifeCare PCA Infusion System 5.0 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2016-4417 | 1 Wireshark | 1 Wireshark | 2016-12-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| Off-by-one error in epan/dissectors/packet-gsm_abis_oml.c in the GSM A-bis OML dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet that triggers a 0xff tag value. | |||||
| CVE-2016-4418 | 1 Wireshark | 1 Wireshark | 2016-12-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet that triggers an empty set. | |||||
| CVE-2016-2344 | 1 Autodesk | 1 Autodesk Backburner | 2016-12-03 | 7.8 HIGH | 7.5 HIGH |
| Stack-based buffer overflow in manager.exe in Backburner Manager in Autodesk Backburner 2016 2016.0.0.2150 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted command. NOTE: this is only a vulnerability in environments in which the administrator has not followed documentation that outlines the security risks of operating Backburner on untrusted networks. | |||||
| CVE-2016-2563 | 2 9bis, Simon Tatham | 2 Kitty, Putty | 2016-12-03 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request. | |||||
| CVE-2016-1959 | 1 Mozilla | 1 Firefox | 2016-12-03 | 6.8 MEDIUM | 8.8 HIGH |
| The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via unspecified use of the Clients API. | |||||
| CVE-2016-1963 | 1 Mozilla | 1 Firefox | 2016-12-03 | 4.4 MEDIUM | 7.4 HIGH |
| The FileReader class in Mozilla Firefox before 45.0 allows local users to gain privileges or cause a denial of service (memory corruption) by changing a file during a FileReader API read operation. | |||||
| CVE-2016-1970 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2016-12-03 | 6.8 MEDIUM | 8.8 HIGH |
| Integer underflow in the srtp_unprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2016-1971 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2016-12-03 | 6.8 MEDIUM | 8.8 HIGH |
| The I420VideoFrame::CreateFrame function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows omits an unspecified status check, which might allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors. | |||||
| CVE-2016-1732 | 1 Apple | 1 Mac Os X | 2016-12-03 | 2.1 LOW | 5.5 MEDIUM |
| AppleRAID in Apple OS X before 10.11.4 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2016-1733 | 1 Apple | 1 Mac Os X | 2016-12-03 | 9.3 HIGH | 7.8 HIGH |
| AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2016-1737 | 1 Apple | 1 Mac Os X | 2016-12-03 | 6.8 MEDIUM | 6.3 MEDIUM |
| Carbon in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dfont file. | |||||
| CVE-2016-1736 | 1 Apple | 1 Mac Os X | 2016-12-03 | 9.3 HIGH | 7.8 HIGH |
| Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1735. | |||||
| CVE-2016-1734 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-03 | 7.2 HIGH | 6.8 MEDIUM |
| AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted USB device. | |||||
| CVE-2016-1767 | 1 Apple | 1 Mac Os X | 2016-12-03 | 6.8 MEDIUM | 7.8 HIGH |
| QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768. | |||||