CVE
CVSS base score
Summary
CVE-2016-1762
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
The xmlNextChar function in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
CVE-2016-4448
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Format string vulnerability in libxml2 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
CVE-2015-5364
7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.
CVE-2016-6515
7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
CVE-2015-8325
7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.
CVE-2016-1833
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
The htmlCurrentChar function in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
CVE-2016-1834
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Heap-based buffer overflow in the xmlStrncat function in libxml2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
CVE-2016-1835
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 allows remote attackers to cause a denial of service via a crafted XML document.
CVE-2016-1836
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 allows remote attackers to cause a denial of service via a crafted XML document.
CVE-2016-1837
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 allow remote attackers to cause a denial of service via a crafted XML document.
CVE-2016-1838
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
The xmlPArserPrintFileContextInternal function in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
CVE-2016-1839
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
The xmlDictAddString function in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
CVE-2016-1840
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
CVE-2016-5573
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Vulnerability in Java related to Hotspot.
CVE-2016-4449
5.8 (AV:N/AC:M/Au:N/C:P/I:N/A:P)
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
CVE-2016-5387
5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application’s outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an “httpoxy” issue. NOTE: the vendor states “This mitigation has been assigned the identifier CVE-2016-5387”; in other words, this is not a CVE ID for a vulnerability.
CVE-2015-5366
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364.
CVE-2016-1907
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.
CVE-2016-3627
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.
CVE-2016-3705
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.
CVE-2016-4447
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
The xmlParseElementDecl function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
CVE-2015-5307
4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C)
The KVM subsystem in the Linux kernel allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.
CVE-2015-8104
4.7 (AV:L/AC:M/Au:N/C:N/I:N/A:C)
The KVM subsystem in the Linux kernel allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
CVE-2016-6662
0.0 (AV:N/AC:L/Au:N/C:N/I:N/A:N)
Vulnerability in MySQL allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: Since this issue does not allow a Junos Space local user to increase privileges, the effective CVSS base score is zero.
CVE-2016-5195
0.0 (AV:L/AC:L/Au:N/C:N/I:N/A:N)
Race condition in mm/gup.c in the Linux kernel allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka “Dirty COW.” NOTE: Since this issue does not allow a Junos Space local user to increase privileges, the effective CVSS base score is zero.

Leave a Reply