|
266111
|
7.5 |
HIGH
Network
|
x.org
fedoraproject
|
libxi
fedora
|
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
|
CWE-284
Improper Access Control
|
CVE-2016-7946
|
2024-11-21 11:58 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266112
|
7.5 |
HIGH
Network
|
fedoraproject
x.org
|
fedora
libxi
|
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
|
CWE-125
CWE-190
Out-of-bounds Read
Integer Overflow or Wraparound
|
CVE-2016-7945
|
2024-11-21 11:58 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266113
|
9.8 |
CRITICAL
Network
|
x.org
fedoraproject
|
libxfixes
fedora
|
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and …
|
CWE-264
CWE-190
Permissions, Privileges, and Access Controls
Integer Overflow or Wraparound
|
CVE-2016-7944
|
2024-11-21 11:58 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266114
|
9.8 |
CRITICAL
Network
|
fedoraproject
x.org
|
fedora
libx11
|
The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.
|
CWE-787
Out-of-bounds Write
|
CVE-2016-7943
|
2024-11-21 11:58 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266115
|
9.8 |
CRITICAL
Network
|
fedoraproject
x.org
|
fedora
libx11
|
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.
|
CWE-264
CWE-787
Permissions, Privileges, and Access Controls
Out-of-bounds Write
|
CVE-2016-7942
|
2024-11-21 11:58 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266116
|
5.5 |
MEDIUM
Local
|
mariadb
oracle
wolfssl
debian
|
mariadb
mysql
wolfssl
debian_linux
|
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differen…
|
NVD-CWE-noinfo
|
CVE-2016-7440
|
2024-11-21 11:58 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266117
|
5.5 |
MEDIUM
Local
|
wolfssl
|
wolfssl
|
The C software implementation of RSA in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences.
|
CWE-310
Cryptographic Issues
|
CVE-2016-7439
|
2024-11-21 11:58 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266118
|
5.5 |
MEDIUM
Local
|
wolfssl
|
wolfssl
|
The C software implementation of ECC in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences.
|
CWE-310
Cryptographic Issues
|
CVE-2016-7438
|
2024-11-21 11:58 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266119
|
6.0 |
MEDIUM
Local
|
qemu
opensuse
|
qemu
leap
|
Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large numbe…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2016-7995
|
2024-11-21 11:58 |
2016-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266120
|
6.0 |
MEDIUM
Local
|
qemu
opensuse
|
qemu
leap
|
Memory leak in the virtio_gpu_resource_create_2d function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2016-7994
|
2024-11-21 11:58 |
2016-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
