Skip to main content
CVE-2016-6664 HIGH POC PATCH THREAT Act Now

mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and. Rated high severity (CVSS 7.0). Public exploit code available and EPSS exploitation probability 54.4%.

Information Disclosure Oracle MySQL MariaDB Percona Server +1
NVD Exploit-DB
CVSS 3.1
7.0
EPSS
54.4%
Threat
4.5
CVE-2016-2334 HIGH POC PATCH THREAT Act Now

Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.3%.

RCE Buffer Overflow 7 Zip Fedora Solaris
NVD
CVSS 3.0
7.8
EPSS
16.3%
CVE-2016-6491 HIGH POC PATCH This Week

Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Information Disclosure Buffer Overflow Imagemagick Solaris
NVD GitHub
CVSS 3.0
8.8
EPSS
1.2%
CVE-2016-5647 HIGH POC PATCH This Week

The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, 15.36.x through 15.36.30.4385, and 15.40.x through 15.40.4404 on Windows allows local users to cause a denial of service (crash). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Intel Privilege Escalation Denial Of Service Microsoft Graphics Driver
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-5842 HIGH POC PATCH This Week

MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Imagemagick Solaris
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2016-6663 HIGH POC PATCH This Week

Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server. Rated high severity (CVSS 7.0). Public exploit code available.

Race Condition Information Disclosure Oracle MySQL Percona Server +2
NVD GitHub Exploit-DB
CVSS 3.0
7.0
EPSS
3.4%
CVE-2015-3217 HIGH POC PATCH This Week

PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Pcre2 Pcre Powerkvm
NVD
CVSS 3.0
7.5
EPSS
0.9%
CVE-2016-5688 HIGH PATCH This Week

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Solaris Imagemagick
NVD GitHub
CVSS 3.0
8.1
EPSS
2.2%
CVE-2016-6699 HIGH PATCH This Week

A remote code execution vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Google Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-6706 HIGH PATCH This Week

An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Privilege Escalation Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-7945 HIGH This Week

Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow Fedora Libxi
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2016-7946 HIGH This Week

X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Libxi Fedora
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2016-7952 HIGH This Week

X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Fedora Libxtst
NVD
CVSS 3.0
7.5
EPSS
0.9%
CVE-2015-3418 HIGH This Week

The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service X Server
NVD
CVSS 3.0
7.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy