Skip to main content
CVE-2016-8655 HIGH POC PATCH THREAT Act Now

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 34.9%.

Denial Of Service Race Condition Linux Linux Kernel Ubuntu Linux
NVD GitHub Exploit-DB
CVSS 3.1
7.8
EPSS
34.9%
Threat
4.1
CVE-2016-9920 HIGH POC THREAT Act Now

steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2.3, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 38.3%.

RCE Authentication Bypass Webmail
NVD
CVSS 3.0
7.5
EPSS
38.3%
Threat
4.1
CVE-2016-9918 HIGH POC This Week

In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Bluez
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-9917 HIGH POC This Week

In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2016-9919 HIGH PATCH This Week

The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 3.1
7.5
EPSS
5.5%
CVE-2015-8966 HIGH PATCH This Week

arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Linux Linux Kernel
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-8102 HIGH This Week

Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and before 18.1.1607.3129 allows local users to launch processes with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Wireless Bluetooth Drivers
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-9120 HIGH PATCH This Week

Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Privilege Escalation Linux Google Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2015-8967 HIGH PATCH This Week

arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Linux Android Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2016-9839 HIGH This Week

In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mapserver
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy