|
265371
|
5.5 |
MEDIUM
Local
|
vmware
|
fusion
|
VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecif…
|
CWE-200
Information Exposure
|
CVE-2016-5329
|
2024-11-21 11:54 |
2016-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265372
|
5.5 |
MEDIUM
Local
|
vmware
|
tools
|
VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism v…
|
CWE-200
CWE-254
Information Exposure
7PK - Security Features
|
CVE-2016-5328
|
2024-11-21 11:54 |
2016-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265373
|
6.1 |
MEDIUM
Network
|
horde
|
groupware
|
Cross-site scripting (XSS) vulnerability in the Horde Text Filter API in Horde Groupware and Horde Groupware Webmail Edition before 5.2.16 allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5303
|
2024-11-21 11:54 |
2016-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265374
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev5. JavaScript code can be used as part of ical attachments within scheduling E-Mails. This content, for example an appointment's l…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5740
|
2024-11-21 11:54 |
2016-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265375
|
9.8 |
CRITICAL
Network
|
x.org
fedoraproject
|
libxv
fedora
|
The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifica…
|
CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Read
|
CVE-2016-5407
|
2024-11-21 11:54 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265376
|
7.8 |
HIGH
Local
|
intel
|
graphics_driver
|
The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, 15.36.x through 15.36.30.4385, and 15.40.x through 15.40.4404 on Windows allows local users to cause a denial of service (crash)…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5647
|
2024-11-21 11:54 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265377
|
9.8 |
CRITICAL
Network
|
oracle
imagemagick
|
solaris
imagemagick
|
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixe…
|
CWE-20
Improper Input Validation
|
CVE-2016-5691
|
2024-11-21 11:54 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265378
|
9.8 |
CRITICAL
Network
|
oracle
imagemagick
|
solaris
imagemagick
|
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing th…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-5690
|
2024-11-21 11:54 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265379
|
9.8 |
CRITICAL
Network
|
oracle
imagemagick
|
solaris
imagemagick
|
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-5689
|
2024-11-21 11:54 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265380
|
8.1 |
HIGH
Network
|
oracle
imagemagick
|
solaris
imagemagick
|
The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-va…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5688
|
2024-11-21 11:54 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
