CVE-2016-8986
IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648.
Source: CVE-2016-8986
[월:] 2017년 02월
CVE-2016-9956 (debian_linux, fedora, flightgear)
CVE-2016-9956 (debian_linux, fedora, flightgear)
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script.
CVE-2016-9910 (html5lib)
CVE-2016-9910 (html5lib)
The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909.
Source: CVE-2016-9910 (html5lib)
CVE-2016-9909 (html5lib)
CVE-2016-9909 (html5lib)
The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of the < (less than) character in attribute values.
Source: CVE-2016-9909 (html5lib)
CVE-2016-8636 (linux_kernel)
CVE-2016-8636 (linux_kernel)
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read request involving the "RDMA protocol over infiniband" (aka Soft RoCE) technology.
Source: CVE-2016-8636 (linux_kernel)
CVE-2016-9377 (xen)
CVE-2016-9377 (xen)
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging IDT entry miscalculation.
Source: CVE-2016-9377 (xen)
CVE-2016-9384 (xen)
CVE-2016-9384 (xen)
Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table.
Source: CVE-2016-9384 (xen)
CVE-2016-9378 (xen)
CVE-2016-9378 (xen)
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging an incorrect choice for software interrupt delivery.
Source: CVE-2016-9378 (xen)
CVE-2016-8636
CVE-2016-8636
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read request involving the "RDMA protocol over infiniband" (aka Soft RoCE) technology.
Source: CVE-2016-8636
CVE-2014-4677
CVE-2014-4677
The installPackage function in the installerHelper subcomponent in Libmacgpg in GPG Suite before 2015.06 allows local users to execute arbitrary commands with root privileges via shell metacharacters in the xmlPath argument.
Source: CVE-2014-4677