Export limit exceeded: 10706 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10706 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-5690 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2025-04-12 N/A
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
CVE-2016-5691 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2025-04-12 N/A
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.
CVE-2016-5696 4 Google, Linux, Oracle and 1 more 8 Android, Linux Kernel, Vm Server and 5 more 2025-04-12 N/A
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
CVE-2016-5842 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2025-04-12 7.5 High
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
CVE-2016-5844 3 Libarchive, Oracle, Redhat 11 Libarchive, Linux, Solaris and 8 more 2025-04-12 N/A
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
CVE-2016-6197 3 Linux, Oracle, Redhat 5 Linux Kernel, Linux, Vm Server and 2 more 2025-04-12 N/A
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.
CVE-2016-6491 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2025-04-12 N/A
Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.
CVE-2016-6662 5 Debian, Mariadb, Oracle and 2 more 13 Debian Linux, Mariadb, Mysql and 10 more 2025-04-12 N/A
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.
CVE-2016-6663 4 Mariadb, Oracle, Percona and 1 more 6 Mariadb, Mysql, Percona Server and 3 more 2025-04-12 N/A
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
CVE-2016-6664 4 Mariadb, Oracle, Percona and 1 more 6 Mariadb, Mysql, Percona Server and 3 more 2025-04-12 7.0 High
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
CVE-2016-7039 3 Linux, Oracle, Redhat 6 Linux Kernel, Linux, Vm Server and 3 more 2025-04-12 7.5 High
The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666.
CVE-2016-7166 3 Libarchive, Oracle, Redhat 10 Libarchive, Linux, Enterprise Linux and 7 more 2025-04-12 N/A
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
CVE-2016-8284 2 Oracle, Redhat 2 Mysql, Rhel Software Collections 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.
CVE-2016-8285 1 Oracle 1 Peoplesoft Enterprise Human Capital Management Candidate Gateway 2025-04-12 N/A
Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote administrators to affect confidentiality and integrity via vectors related to Candidate Gateway.
CVE-2016-8286 1 Oracle 1 Mysql 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges.
CVE-2016-8287 1 Oracle 1 Mysql 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.
CVE-2016-8288 2 Oracle, Redhat 2 Mysql, Rhel Software Collections 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.
CVE-2016-8289 1 Oracle 1 Mysql 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB.
CVE-2016-4913 5 Canonical, Linux, Novell and 2 more 8 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 5 more 2025-04-12 7.8 High
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.
CVE-2016-4997 6 Canonical, Debian, Linux and 3 more 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more 2025-04-12 7.8 High
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.