|
265891
|
9.8 |
CRITICAL
Network
|
php
fedoraproject
opensuse
|
php
fedora
leap
|
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_…
|
CWE-20
Improper Input Validation
|
CVE-2016-4538
|
2024-11-21 11:52 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265892
|
9.8 |
CRITICAL
Network
|
php
opensuse
fedoraproject
|
php
leap
fedora
|
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause …
|
CWE-20
Improper Input Validation
|
CVE-2016-4537
|
2024-11-21 11:52 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265893
|
6.0 |
MEDIUM
Local
|
qemu
canonical
debian
|
qemu
ubuntu_linux
debian_linux
|
The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of servi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4441
|
2024-11-21 11:52 |
2016-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265894
|
6.7 |
MEDIUM
Local
|
canonical
qemu
debian
|
ubuntu_linux
qemu
debian_linux
|
The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4439
|
2024-11-21 11:52 |
2016-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265895
|
8.4 |
HIGH
Local
|
oracle
xen
|
vm_server
xen
|
The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might al…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-4480
|
2024-11-21 11:52 |
2016-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265896
|
7.5 |
HIGH
Network
|
jansson_project
|
jansson
|
Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data.
|
CWE-20
Improper Input Validation
|
CVE-2016-4425
|
2024-11-21 11:52 |
2016-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265897
|
5.3 |
MEDIUM
Network
|
openafs
|
openafs
|
The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow…
|
CWE-200
Information Exposure
|
CVE-2016-4536
|
2024-11-21 11:52 |
2016-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265898
|
4.2 |
MEDIUM
Local
|
panasonic
|
fpwin_pro
|
Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (application crash) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4499
|
2024-11-21 11:52 |
2016-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265899
|
5.5 |
MEDIUM
Network
|
panasonic
|
fpwin_pro
|
Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
CWE-20
Improper Input Validation
|
CVE-2016-4498
|
2024-11-21 11:52 |
2016-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265900
|
4.2 |
MEDIUM
Local
|
panasonic
|
fpwin_pro
|
Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
|
CWE-20
Improper Input Validation
|
CVE-2016-4497
|
2024-11-21 11:52 |
2016-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
