Skip to main content
CVE-2016-1583 HIGH POC PATCH This Week

The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Linux Buffer Overflow Linux Kernel Suse Linux Enterprise Software Development Kit +8
NVD GitHub Exploit-DB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2016-3949 HIGH This Week

Siemens SIMATIC S7-300 Profinet-enabled CPU devices with firmware before 3.2.12 and SIMATIC S7-300 Profinet-disabled CPU devices with firmware before 3.3.12 allow remote attackers to cause a denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Siemens Simatic S7 300 With Profitnet Support Firmware Simatic S7 300 Without Profitnet Support Firmware
NVD
CVSS 3.0
7.5
EPSS
4.9%
CVE-2016-3707 HIGH This Week

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Red Hat Linux Authentication Bypass Linux Kernel Rt Enterprise Linux For Real Time +2
NVD
CVSS 3.0
8.1
EPSS
1.8%
CVE-2016-0758 HIGH This Week

Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Linux Buffer Overflow Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +6
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2016-5829 HIGH PATCH This Week

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Linux Buffer Overflow Debian Linux Linux Kernel +2
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2016-5828 HIGH PATCH This Week

The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Suse Linux Enterprise Real Time Extension Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2016-4440 HIGH PATCH This Week

arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service RCE Privilege Escalation Linux Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2014-9904 HIGH PATCH This Week

The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Debian Linux Suse Linux Enterprise Real Time Extension
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2016-5244 HIGH PATCH This Week

The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Information Disclosure Fedora Linux Enterprise Real Time Extension Linux Enterprise Debuginfo +8
NVD GitHub
CVSS 3.0
7.5
EPSS
0.6%
CVE-2016-3713 HIGH PATCH This Week

The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Denial Of Service Linux Authentication Bypass Linux Kernel
NVD GitHub
CVSS 3.0
7.1
EPSS
0.1%
CVE-2016-5728 MEDIUM PATCH This Month

Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel. Rated medium severity (CVSS 6.3). This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Linux Buffer Overflow Debian Linux Linux Kernel
NVD GitHub
CVSS 3.0
6.3
EPSS
0.0%
CVE-2016-4470 MEDIUM PATCH This Month

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Vm Server Linux Kernel Suse Linux Enterprise Real Time Extension +10
NVD GitHub
CVSS 3.0
5.5
EPSS
0.1%
CVE-2014-9903 MEDIUM PATCH This Month

The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-5243 MEDIUM PATCH This Month

The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 3.0
5.5
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy