|
264611
|
7.5 |
HIGH
Network
|
debian
opensuse
libgd
canonical
|
debian_linux
leap
libgd
ubuntu_linux
|
The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application cras…
|
CWE-20
Improper Input Validation
|
CVE-2016-6128
|
2024-11-21 11:55 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264612
|
5.5 |
MEDIUM
Local
|
linux
oracle
|
linux_kernel
linux
vm_server
|
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service…
|
CWE-284
Improper Access Control
|
CVE-2016-6198
|
2024-11-21 11:55 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264613
|
5.5 |
MEDIUM
Local
|
oracle
linux
|
linux
linux_kernel
vm_server
|
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing,…
|
CWE-20
Improper Input Validation
|
CVE-2016-6197
|
2024-11-21 11:55 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264614
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor …
|
CWE-264
CWE-119
Permissions, Privileges, and Access Controls
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6187
|
2024-11-21 11:55 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264615
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
net/core/skbuff.c in the Linux kernel 4.7-rc6 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via certain IPv6 socket operations.
|
CWE-20
Improper Input Validation
|
CVE-2016-6162
|
2024-11-21 11:55 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264616
|
5.1 |
MEDIUM
Local
|
linux
|
linux_kernel
|
Race condition in the ec_device_ioctl_xcmd function in drivers/platform/chrome/cros_ec_dev.c in the Linux kernel before 4.7 allows local users to cause a denial of service (out-of-bounds array access…
|
CWE-362
Race Condition
|
CVE-2016-6156
|
2024-11-21 11:55 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264617
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
Race condition in the audit_log_single_execve_arg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call …
|
CWE-362
Race Condition
|
CVE-2016-6136
|
2024-11-21 11:55 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264618
|
6.1 |
MEDIUM
Network
|
debian
djangoproject
|
debian_linux
django
|
Cross-site scripting (XSS) vulnerability in the dismissChangeRelatedObjectPopup function in contrib/admin/static/admin/js/admin/RelatedObjectLookups.js in Django before 1.8.14, 1.9.x before 1.9.8, an…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6186
|
2024-11-21 11:55 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264619
|
9.8 |
CRITICAL
Network
|
sap
|
hana
|
The multi-tenant database container feature in SAP HANA does not properly encrypt communications, which allows remote attackers to bypass intended access restrictions and possibly have unspecified ot…
|
CWE-284
Improper Access Control
|
CVE-2016-6150
|
2024-11-21 11:55 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264620
|
5.5 |
MEDIUM
Local
|
sap
|
hana_sps09
|
SAP HANA SPS09 1.00.091.00.14186593 allows local users to obtain sensitive information by leveraging the EXPORT statement to export files, aka SAP Security Note 2252941.
|
CWE-200
Information Exposure
|
CVE-2016-6149
|
2024-11-21 11:55 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
