Skip to main content
CVE-2016-8655 HIGH POC PATCH THREAT Act Now

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 34.9%.

Denial Of Service Race Condition Linux Linux Kernel Ubuntu Linux
NVD GitHub Exploit-DB
CVSS 3.1
7.8
EPSS
34.9%
Threat
4.1
CVE-2016-9920 HIGH POC THREAT Act Now

steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2.3, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 38.3%.

RCE Authentication Bypass Webmail
NVD
CVSS 3.0
7.5
EPSS
38.3%
Threat
4.1
CVE-2016-9918 HIGH POC This Week

In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Bluez
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-9917 HIGH POC This Week

In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2016-9919 HIGH PATCH This Week

The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 3.1
7.5
EPSS
5.5%
CVE-2015-8966 HIGH PATCH This Week

arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Linux Linux Kernel
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-8102 HIGH This Week

Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and before 18.1.1607.3129 allows local users to launch processes with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Wireless Bluetooth Drivers
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-9120 HIGH PATCH This Week

Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Privilege Escalation Linux Google Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2015-8967 HIGH PATCH This Week

arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Linux Android Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2016-9839 HIGH This Week

In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mapserver
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2016-8103 MEDIUM This Month

SMM call out in all Intel Branded NUC Kits allows a local privileged user to access the System Management Mode and take full control of the platform. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation City Bios Canyon Bios Swift Canyon Bios +1
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2016-9888 MEDIUM PATCH This Month

An error within the "tar_directory_for_file()" function (gsf-infile-tar.c) in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Null Pointer Dereference Libgsf
NVD GitHub
CVSS 3.0
5.5
EPSS
0.5%
CVE-2016-8104 MEDIUM PATCH This Month

Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Buffer Overflow Proset Wireless Software And Drivers
NVD
CVSS 3.0
5.5
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy