|
267041
|
6.5 |
MEDIUM
Local
|
qemu
|
qemu
|
QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET_INFO' command. A …
|
CWE-200
Information Exposure
|
CVE-2016-9845
|
2024-11-21 12:01 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267042
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A pri…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2016-9776
|
2024-11-21 12:01 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267043
|
5.4 |
MEDIUM
Network
|
dotclear
|
dotclear
|
Cross-site scripting (XSS) vulnerability in admin/media.php and admin/media_item.php in Dotclear before 2.11 allows remote authenticated users to inject arbitrary web script or HTML via the upfiletit…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9891
|
2024-11-21 12:01 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267044
|
7.5 |
HIGH
Network
|
pivotal_software
vmware
|
spring_framework
|
An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result expose…
|
CWE-22
Path Traversal
|
CVE-2016-9878
|
2024-11-21 12:01 |
2016-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267045
|
9.8 |
CRITICAL
Network
|
pivotal_software
vmware
|
rabbitmq
|
An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6 and RabbitMQ for PCF 1.5.x before 1.5.20, 1.6.x before 1.6.12, and 1.7.x before 1.7.7. MQTT (MQ Telemetry Transport…
|
CWE-284
Improper Access Control
|
CVE-2016-9877
|
2024-11-21 12:01 |
2016-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267046
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified oth…
|
CWE-362
CWE-415
Race Condition
Double Free
|
CVE-2016-9806
|
2024-11-21 12:01 |
2016-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267047
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or …
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2016-9794
|
2024-11-21 12:01 |
2016-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267048
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-9793
|
2024-11-21 12:01 |
2016-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267049
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-9777
|
2024-11-21 12:01 |
2016-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267050
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel st…
|
CWE-200
Information Exposure
|
CVE-2016-9756
|
2024-11-21 12:01 |
2016-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
