Total
165 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-0749 | 5 Debian, Microsoft, Opensuse and 2 more | 12 Debian Linux, Windows, Leap and 9 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow. | |||||
CVE-2015-4602 | 2 Php, Redhat | 8 Php, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue. | |||||
CVE-2016-2141 | 1 Redhat | 3 Enterprise Linux, Jboss Enterprise Application Platform, Jgroups | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. | |||||
CVE-2010-5325 | 3 Linuxfoundation, Oracle, Redhat | 8 Foomatic-filters, Linux, Enterprise Linux and 5 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title. | |||||
CVE-2011-3188 | 3 F5, Linux, Redhat | 15 Arx, Big-ip Access Policy Manager, Big-ip Analytics and 12 more | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets. |