Skip to main content

Enterprise Linux Hpc Node Eus

79 CVEs product

Monthly

CVE-2015-3149 MEDIUM This Month

The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Information Disclosure Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +4
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2015-5300 HIGH PATCH Act Now

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 36.8%.

Denial Of Service Fedora Linux Enterprise Debuginfo Leap Opensuse +16
NVD
CVSS 3.0
7.5
EPSS
36.8%
CVE-2016-7166 MEDIUM PATCH This Month

libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus Enterprise Linux Server +5
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2016-5844 MEDIUM POC PATCH This Month

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Libarchive Enterprise Linux Desktop Enterprise Linux Hpc Node +7
NVD GitHub
CVSS 3.0
6.5
EPSS
1.5%
CVE-2016-5418 HIGH POC PATCH This Week

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Server Enterprise Linux Workstation +6
NVD GitHub
CVSS 3.0
7.5
EPSS
5.2%
CVE-2016-4809 HIGH PATCH This Week

The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Server Enterprise Linux Workstation +5
NVD GitHub
CVSS 3.0
7.5
EPSS
2.5%
CVE-2016-4302 HIGH POC PATCH This Week

Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Buffer Overflow Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +5
NVD GitHub
CVSS 3.0
7.8
EPSS
1.2%
CVE-2016-4300 HIGH POC PATCH This Week

Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow RCE Buffer Overflow Libarchive Enterprise Linux Desktop +6
NVD GitHub
CVSS 3.0
7.8
EPSS
0.9%
CVE-2016-5388 Maven HIGH PATCH Act Now

Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 36.8%.

Apache Tomcat Authentication Bypass Enterprise Linux Desktop Enterprise Linux Hpc Node +8
NVD
CVSS 3.0
8.1
EPSS
36.8%
CVE-2016-4470 MEDIUM PATCH This Month

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Vm Server Linux Kernel Suse Linux Enterprise Real Time Extension +10
NVD GitHub
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-0758 HIGH This Week

Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Linux Buffer Overflow Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +6
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2016-3698 HIGH This Week

libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Authentication Bypass Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +7
NVD GitHub
CVSS 3.0
8.1
EPSS
2.1%
CVE-2016-2150 HIGH This Week

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Enterprise Linux Enterprise Linux Desktop Enterprise Linux Hpc Node Eus Enterprise Linux Server +7
NVD
CVSS 3.0
7.1
EPSS
0.1%
CVE-2016-0749 CRITICAL Act Now

The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 16.0% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Leap Opensuse +9
NVD
CVSS 3.0
9.8
EPSS
16.0%
CVE-2015-5261 HIGH This Week

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Ubuntu Linux Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Server +5
NVD
CVSS 3.0
7.1
EPSS
0.1%
CVE-2015-5260 HIGH This Week

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Enterprise Linux Desktop Enterprise Linux Hpc Node +7
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2015-4605 HIGH POC This Week

The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python RCE PHP Denial Of Service Enterprise Linux Desktop +6
NVD
CVSS 3.0
7.5
EPSS
9.1%
CVE-2015-4604 HIGH POC This Week

The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python RCE PHP Denial Of Service Enterprise Linux Desktop +6
NVD
CVSS 3.0
7.5
EPSS
9.1%
CVE-2015-4603 CRITICAL POC Act Now

The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +4
NVD
CVSS 3.0
9.8
EPSS
8.1%
CVE-2015-4602 CRITICAL POC THREAT Emergency

The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.9%.

RCE PHP Denial Of Service Enterprise Linux Enterprise Linux Desktop +5
NVD
CVSS 3.0
9.8
EPSS
12.9%
CVE-2015-4601 CRITICAL Act Now

PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 21.4% and no vendor patch available.

RCE PHP Denial Of Service Enterprise Linux Desktop Enterprise Linux Hpc Node +4
NVD
CVSS 3.0
9.8
EPSS
21.4%
CVE-2015-4600 CRITICAL POC THREAT Emergency

The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.7%.

RCE PHP Denial Of Service Enterprise Linux Desktop Enterprise Linux Hpc Node +4
NVD
CVSS 3.0
9.8
EPSS
10.7%
CVE-2015-4599 CRITICAL POC Act Now

The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Denial Of Service Enterprise Linux Desktop Enterprise Linux Hpc Node +4
NVD
CVSS 3.0
9.8
EPSS
6.6%
CVE-2015-4598 MEDIUM This Month

PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Authentication Bypass Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +4
NVD
CVSS 3.0
6.5
EPSS
1.5%
CVE-2015-3412 MEDIUM POC This Month

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +4
NVD
CVSS 3.0
5.3
EPSS
1.0%
CVE-2015-3411 MEDIUM POC This Month

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass Enterprise Linux Enterprise Linux Desktop Enterprise Linux Hpc Node +4
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2016-3717 MEDIUM POC PATCH THREAT This Month

The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 33.7%.

Information Disclosure Ubuntu Linux Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +6
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
33.7%
CVE-2016-3716 LOW POC PATCH THREAT Monitor

The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 24.3%.

Privilege Escalation Ubuntu Linux Imagemagick Enterprise Linux Desktop Enterprise Linux Hpc Node +6
NVD Exploit-DB
CVSS 3.0
3.3
EPSS
24.3%
CVE-2016-2109 HIGH Act Now

The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 59.3% and no vendor patch available.

Denial Of Service OpenSSL Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +4
NVD
CVSS 3.0
7.5
EPSS
59.3%
CVE-2016-2108 CRITICAL Emergency

The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 37.0% and no vendor patch available.

OpenSSL Denial Of Service RCE Buffer Overflow Enterprise Linux Desktop +7
NVD
CVSS 3.0
9.8
EPSS
37.0%
CVE-2016-2107 MEDIUM POC PATCH THREAT This Month

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 80.0%.

OpenSSL Information Disclosure Oracle Enterprise Linux Desktop Enterprise Linux Hpc Node +12
NVD Exploit-DB
CVSS 3.1
5.9
EPSS
80.0%
Threat
5.1
CVE-2016-2106 HIGH Act Now

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 68.5% and no vendor patch available.

Denial Of Service OpenSSL Buffer Overflow Enterprise Linux Desktop Enterprise Linux Hpc Node +5
NVD
CVSS 3.0
7.5
EPSS
68.5%
CVE-2016-2105 HIGH PATCH Act Now

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 45.1%.

Integer Overflow Denial Of Service OpenSSL Buffer Overflow Enterprise Linux Desktop +13
NVD
CVSS 3.1
7.5
EPSS
45.1%
CVE-2016-0695 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre +10
NVD
CVSS 3.0
5.9
EPSS
2.9%
CVE-2016-3069 PyPI HIGH PATCH This Week

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Mercurial Debian Linux Linux Enterprise Debuginfo Opensuse +10
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2016-3068 PyPI HIGH PATCH This Week

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Debian Linux Mercurial Fedora Enterprise Linux Desktop +10
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2015-5229 HIGH This Week

The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Red Hat Denial Of Service Enterprise Linux Enterprise Linux Desktop Enterprise Linux Hpc Node +5
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2015-7547 HIGH POC PATCH THREAT Act Now

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 94.0%.

Denial Of Service RCE Buffer Overflow Debian Linux Ubuntu Linux +28
NVD Exploit-DB
CVSS 3.0
8.1
EPSS
94.0%
Threat
5.9
CVE-2016-0616 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +11
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2016-0609 LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated low severity (CVSS 1.7), this vulnerability is remotely exploitable.

Information Disclosure Oracle Linux Enterprise Linux Debian Linux +13
NVD
CVSS 2.0
1.7
EPSS
0.8%
CVE-2016-0608 LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Information Disclosure Oracle Linux Enterprise Linux Enterprise Linux Desktop +13
NVD
CVSS 2.0
3.5
EPSS
0.3%
CVE-2016-0606 LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Information Disclosure Oracle Debian Linux Enterprise Linux Desktop Enterprise Linux Hpc Node +13
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2016-0600 LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Information Disclosure Oracle Enterprise Linux Debian Linux Enterprise Linux Desktop +13
NVD
CVSS 2.0
3.5
EPSS
0.3%
CVE-2016-0598 LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Information Disclosure Oracle Leap Opensuse Linux +13
NVD
CVSS 2.0
3.5
EPSS
0.3%
CVE-2016-0597 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Enterprise Linux Solaris Linux +13
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2016-0596 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +13
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2016-0546 HIGH PATCH This Week

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Buffer Overflow Oracle Ubuntu Linux MariaDB Enterprise Linux +13
NVD GitHub
CVSS 2.0
7.2
EPSS
0.2%
CVE-2016-0505 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +13
NVD
CVSS 2.0
6.8
EPSS
6.5%
CVE-2015-7981 MEDIUM POC PATCH This Month

The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Ubuntu Linux Debian Linux Enterprise Linux Desktop +7
NVD
CVSS 2.0
5.0
EPSS
2.0%
CVE-2015-4819 HIGH PATCH This Week

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Information Disclosure Oracle MySQL Linux Solaris +11
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-4148 MEDIUM POC PATCH THREAT This Month

The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 16.9%.

PHP Information Disclosure Mac Os X Enterprise Linux Desktop Enterprise Linux Hpc Node +4
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
16.9%
CVE-2015-4147 HIGH POC PATCH THREAT Act Now

The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 50.8%.

RCE PHP Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +4
NVD
CVSS 2.0
7.5
EPSS
50.8%
Threat
4.5
CVE-2015-4026 HIGH POC PATCH This Week

The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP Authentication Bypass Enterprise Linux Mac Os X Enterprise Linux Desktop +5
NVD
CVSS 2.0
7.5
EPSS
9.6%
CVE-2015-4025 HIGH PATCH This Week

PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

PHP Authentication Bypass Mac Os X Enterprise Linux Desktop Enterprise Linux Hpc Node +5
NVD
CVSS 2.0
7.5
EPSS
6.1%
CVE-2015-4024 MEDIUM POC PATCH THREAT This Month

Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 75.5%.

Denial Of Service PHP Enterprise Linux Mac Os X System Management Homepage +8
NVD
CVSS 2.0
5.0
EPSS
75.5%
Threat
4.8
CVE-2015-4022 HIGH POC PATCH THREAT Act Now

Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 20.6%.

RCE PHP Buffer Overflow Enterprise Linux Desktop Enterprise Linux Hpc Node +6
NVD
CVSS 2.0
7.5
EPSS
20.6%
CVE-2015-4021 MEDIUM POC PATCH THREAT This Month

The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 42.0%.

Denial Of Service PHP Buffer Overflow Enterprise Linux Desktop Enterprise Linux Hpc Node +6
NVD
CVSS 2.0
5.0
EPSS
42.0%
CVE-2015-3330 MEDIUM POC PATCH THREAT This Month

The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 39.0%.

RCE PHP Denial Of Service Apache Linux +9
NVD
CVSS 2.0
6.8
EPSS
39.0%
Threat
4.0
CVE-2015-3329 HIGH POC PATCH THREAT Act Now

Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 28.8%.

RCE PHP Buffer Overflow Mac Os X Enterprise Linux Desktop +8
NVD
CVSS 2.0
7.5
EPSS
28.8%
CVE-2015-3307 HIGH POC PATCH THREAT Act Now

The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 18.4%.

Denial Of Service PHP Buffer Overflow Enterprise Linux Desktop Enterprise Linux Hpc Node +6
NVD
CVSS 2.0
7.5
EPSS
18.4%
CVE-2015-2783 MEDIUM POC PATCH This Month

ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service PHP Buffer Overflow Enterprise Linux Desktop Enterprise Linux Hpc Node +6
NVD
CVSS 2.0
5.8
EPSS
9.7%
CVE-2015-1863 MEDIUM This Month

Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Ubuntu Linux Wpa Supplicant +8
NVD
CVSS 2.0
5.8
EPSS
8.5%
CVE-2015-2787 HIGH POC THREAT Act Now

Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 36.4%.

Deserialization RCE PHP Mac Os X Enterprise Linux Desktop +6
NVD GitHub
CVSS 2.0
7.5
EPSS
36.4%
Threat
4.1
CVE-2015-2348 MEDIUM POC This Month

The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Privilege Escalation Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +5
NVD
CVSS 2.0
5.0
EPSS
7.2%
CVE-2015-2301 HIGH POC THREAT Act Now

Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.2%.

Memory Corruption PHP Denial Of Service Use After Free Ubuntu Linux +9
NVD
CVSS 2.0
7.5
EPSS
11.2%
CVE-2014-9675 MEDIUM POC This Month

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Ubuntu Linux Freetype Debian Linux Fedora +7
NVD
CVSS 2.0
5.0
EPSS
2.1%
CVE-2014-9674 HIGH POC PATCH This Week

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Ubuntu Linux Solaris Fedora +8
NVD
CVSS 2.0
7.5
EPSS
5.1%
CVE-2014-9673 MEDIUM POC This Month

Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Ubuntu Linux Debian Linux Enterprise Linux Desktop +7
NVD
CVSS 2.0
6.8
EPSS
4.2%
CVE-2014-9671 MEDIUM POC PATCH This Month

Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus Enterprise Linux Server +7
NVD
CVSS 2.0
4.3
EPSS
3.2%
CVE-2014-9670 MEDIUM POC PATCH This Month

Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Debian Linux Opensuse Fedora Solaris +8
NVD
CVSS 2.0
4.3
EPSS
5.0%
CVE-2014-9669 MEDIUM POC PATCH This Month

Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Information Disclosure Buffer Overflow Ubuntu Linux Freetype +10
NVD
CVSS 2.0
6.8
EPSS
2.4%
CVE-2014-9667 MEDIUM POC This Month

sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Debian Linux Ubuntu Linux Fedora +8
NVD
CVSS 2.0
6.8
EPSS
2.0%
CVE-2014-9666 MEDIUM POC PATCH This Month

The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Buffer Overflow Opensuse Solaris Ubuntu Linux +9
NVD
CVSS 2.0
6.8
EPSS
1.4%
CVE-2014-9664 MEDIUM POC PATCH This Month

FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Buffer Overflow Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Hpc Node Eus +9
NVD
CVSS 2.0
6.8
EPSS
1.2%
CVE-2014-9663 HIGH POC PATCH This Week

The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Freetype Debian Linux Opensuse +9
NVD
CVSS 2.0
7.5
EPSS
2.6%
CVE-2014-9661 HIGH POC This Week

type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Ubuntu Linux Debian Linux Enterprise Linux Desktop Enterprise Linux Hpc Node +7
NVD
CVSS 2.0
7.5
EPSS
3.6%
CVE-2014-9660 HIGH POC PATCH This Week

The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Opensuse Ubuntu Linux Debian Linux +9
NVD
CVSS 2.0
7.5
EPSS
4.8%
CVE-2014-9658 HIGH POC PATCH This Week

The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Information Disclosure Buffer Overflow Solaris Ubuntu Linux +10
NVD
CVSS 2.0
7.5
EPSS
1.5%
CVE-2014-9657 HIGH POC PATCH This Week

The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Information Disclosure Buffer Overflow Opensuse Enterprise Linux Desktop +10
NVD
CVSS 2.0
7.5
EPSS
1.5%
EPSS 0% CVSS 5.5
MEDIUM This Month

The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Information Disclosure Enterprise Linux Desktop +6
NVD
EPSS 37% CVSS 7.5
HIGH PATCH Act Now

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 36.8%.

Denial Of Service Fedora Linux Enterprise Debuginfo +18
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Enterprise Linux Desktop Enterprise Linux Hpc Node +7
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Libarchive +9
NVD GitHub
EPSS 5% CVSS 7.5
HIGH POC PATCH This Week

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Enterprise Linux Desktop Enterprise Linux Hpc Node +8
NVD GitHub
EPSS 3% CVSS 7.5
HIGH PATCH This Week

The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Enterprise Linux Desktop Enterprise Linux Hpc Node +7
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Buffer Overflow Enterprise Linux Desktop +7
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow RCE Buffer Overflow +8
NVD GitHub
EPSS 37% CVSS 8.1
HIGH PATCH Act Now

Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 36.8%.

Apache Tomcat Authentication Bypass +10
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Vm Server +12
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Linux Buffer Overflow Enterprise Linux Desktop +8
NVD GitHub
EPSS 2% CVSS 8.1
HIGH This Week

libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Authentication Bypass Enterprise Linux Desktop +9
NVD GitHub
EPSS 0% CVSS 7.1
HIGH This Week

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Enterprise Linux Enterprise Linux Desktop +9
NVD
EPSS 16% CVSS 9.8
CRITICAL Act Now

The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 16.0% and no vendor patch available.

Denial Of Service RCE Buffer Overflow +11
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Ubuntu Linux Enterprise Linux Desktop +7
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow +9
NVD
EPSS 9% CVSS 7.5
HIGH POC This Week

The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python RCE PHP +8
NVD
EPSS 9% CVSS 7.5
HIGH POC This Week

The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python RCE PHP +8
NVD
EPSS 8% CVSS 9.8
CRITICAL POC Act Now

The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Enterprise Linux Desktop +6
NVD
EPSS 13% CVSS 9.8
CRITICAL POC THREAT Emergency

The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.9%.

RCE PHP Denial Of Service +7
NVD
EPSS 21% CVSS 9.8
CRITICAL Act Now

PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 21.4% and no vendor patch available.

RCE PHP Denial Of Service +6
NVD
EPSS 11% CVSS 9.8
CRITICAL POC THREAT Emergency

The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.7%.

RCE PHP Denial Of Service +6
NVD
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Denial Of Service +6
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Authentication Bypass Enterprise Linux Desktop +6
NVD
EPSS 1% CVSS 5.3
MEDIUM POC This Month

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Enterprise Linux Desktop +6
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass Enterprise Linux +6
NVD
EPSS 34% CVSS 5.5
MEDIUM POC PATCH THREAT This Month

The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 33.7%.

Information Disclosure Ubuntu Linux Enterprise Linux Desktop +8
NVD Exploit-DB
EPSS 24% CVSS 3.3
LOW POC PATCH THREAT Monitor

The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 24.3%.

Privilege Escalation Ubuntu Linux Imagemagick +8
NVD Exploit-DB
EPSS 59% CVSS 7.5
HIGH Act Now

The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 59.3% and no vendor patch available.

Denial Of Service OpenSSL Enterprise Linux Desktop +6
NVD
EPSS 37% CVSS 9.8
CRITICAL Emergency

The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 37.0% and no vendor patch available.

OpenSSL Denial Of Service RCE +9
NVD
EPSS 80% 5.1 CVSS 5.9
MEDIUM POC PATCH THREAT This Month

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 80.0%.

OpenSSL Information Disclosure Oracle +14
NVD Exploit-DB
EPSS 68% CVSS 7.5
HIGH Act Now

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 68.5% and no vendor patch available.

Denial Of Service OpenSSL Buffer Overflow +7
NVD
EPSS 45% CVSS 7.5
HIGH PATCH Act Now

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 45.1%.

Integer Overflow Denial Of Service OpenSSL +15
NVD
EPSS 3% CVSS 5.9
MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Java Oracle +12
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Mercurial Debian Linux +12
NVD
EPSS 5% CVSS 8.8
HIGH PATCH This Week

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Debian Linux Mercurial +12
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Red Hat Denial Of Service Enterprise Linux +7
NVD
EPSS 94% 5.9 CVSS 8.1
HIGH POC PATCH THREAT Act Now

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 94.0%.

Denial Of Service RCE Buffer Overflow +30
NVD Exploit-DB
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Enterprise Linux Desktop +13
NVD
EPSS 1% CVSS 1.7
LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated low severity (CVSS 1.7), this vulnerability is remotely exploitable.

Information Disclosure Oracle Linux +15
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Information Disclosure Oracle Linux +15
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Information Disclosure Oracle Debian Linux +15
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Information Disclosure Oracle Enterprise Linux +15
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Information Disclosure Oracle Leap +15
NVD
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Enterprise Linux +15
NVD
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Enterprise Linux Desktop +15
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Buffer Overflow Oracle Ubuntu Linux +15
NVD GitHub
EPSS 6% CVSS 6.8
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Enterprise Linux Desktop +15
NVD
EPSS 2% CVSS 5.0
MEDIUM POC PATCH This Month

The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Ubuntu Linux +9
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Information Disclosure Oracle MySQL +13
NVD
EPSS 17% CVSS 5.0
MEDIUM POC PATCH THREAT This Month

The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 16.9%.

PHP Information Disclosure Mac Os X +6
NVD Exploit-DB
EPSS 51% 4.5 CVSS 7.5
HIGH POC PATCH THREAT Act Now

The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 50.8%.

RCE PHP Enterprise Linux Desktop +6
NVD
EPSS 10% CVSS 7.5
HIGH POC PATCH This Week

The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP Authentication Bypass Enterprise Linux +7
NVD
EPSS 6% CVSS 7.5
HIGH PATCH This Week

PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

PHP Authentication Bypass Mac Os X +7
NVD
EPSS 76% 4.8 CVSS 5.0
MEDIUM POC PATCH THREAT This Month

Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 75.5%.

Denial Of Service PHP Enterprise Linux +10
NVD
EPSS 21% CVSS 7.5
HIGH POC PATCH THREAT Act Now

Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 20.6%.

RCE PHP Buffer Overflow +8
NVD
EPSS 42% CVSS 5.0
MEDIUM POC PATCH THREAT This Month

The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 42.0%.

Denial Of Service PHP Buffer Overflow +8
NVD
EPSS 39% 4.0 CVSS 6.8
MEDIUM POC PATCH THREAT This Month

The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 39.0%.

RCE PHP Denial Of Service +11
NVD
EPSS 29% CVSS 7.5
HIGH POC PATCH THREAT Act Now

Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 28.8%.

RCE PHP Buffer Overflow +10
NVD
EPSS 18% CVSS 7.5
HIGH POC PATCH THREAT Act Now

The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 18.4%.

Denial Of Service PHP Buffer Overflow +8
NVD
EPSS 10% CVSS 5.8
MEDIUM POC PATCH This Month

ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service PHP Buffer Overflow +8
NVD
EPSS 9% CVSS 5.8
MEDIUM This Month

Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow +10
NVD
EPSS 36% 4.1 CVSS 7.5
HIGH POC THREAT Act Now

Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 36.4%.

Deserialization RCE PHP +8
NVD GitHub
EPSS 7% CVSS 5.0
MEDIUM POC This Month

The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Privilege Escalation Enterprise Linux Desktop +7
NVD
EPSS 11% CVSS 7.5
HIGH POC THREAT Act Now

Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.2%.

Memory Corruption PHP Denial Of Service +11
NVD
EPSS 2% CVSS 5.0
MEDIUM POC This Month

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Ubuntu Linux Freetype +9
NVD
EPSS 5% CVSS 7.5
HIGH POC PATCH This Week

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Ubuntu Linux +10
NVD
EPSS 4% CVSS 6.8
MEDIUM POC This Month

Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Ubuntu Linux +9
NVD
EPSS 3% CVSS 4.3
MEDIUM POC PATCH This Month

Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Enterprise Linux Desktop Enterprise Linux Hpc Node +9
NVD
EPSS 5% CVSS 4.3
MEDIUM POC PATCH This Month

Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Debian Linux Opensuse +10
NVD
EPSS 2% CVSS 6.8
MEDIUM POC PATCH This Month

Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Information Disclosure Buffer Overflow +12
NVD
EPSS 2% CVSS 6.8
MEDIUM POC This Month

sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Debian Linux +10
NVD
EPSS 1% CVSS 6.8
MEDIUM POC PATCH This Month

The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Buffer Overflow Opensuse +11
NVD
EPSS 1% CVSS 6.8
MEDIUM POC PATCH This Month

FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Buffer Overflow Enterprise Linux Desktop +11
NVD
EPSS 3% CVSS 7.5
HIGH POC PATCH This Week

The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Freetype +11
NVD
EPSS 4% CVSS 7.5
HIGH POC This Week

type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Ubuntu Linux Debian Linux +9
NVD
EPSS 5% CVSS 7.5
HIGH POC PATCH This Week

The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Opensuse +11
NVD
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Information Disclosure Buffer Overflow +12
NVD
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Information Disclosure Buffer Overflow +12
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy