The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.
The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (divide-by-zero. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.
Cisco Edge 300 software 1.0 and 1.1 on Edge 340 devices allows local users to obtain root privileges via unspecified commands, aka Bug ID CSCur18132. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.