VIR Vulnerability Intelligence Relay

Search

Found 5,295 results in 1086ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2016-3237 high 7.5 8.5 EXP windows windows 10y ago Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows ma…
CVE-2016-5330 high 7.8 8.8 EXP macos macos vmware 10y ago Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Pla…
CVE-2015-6396 high 7.8 8.8 EXP 10y ago The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux5816…
CVE-2016-6515 high 7.5 8.5 EXPFIX slesfedora fedoradebian debian openbsd 10y ago The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (cryp…
CVE-2016-6512 medium 5.9 6.9 EXPFIX slesdebian debian wireshark 10y ago epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an overflow check in the tvb_get_guintvar function, which allows remote attackers to cause a denial of service (infinite loop) via a c…
CVE-2016-6505 medium 5.9 6.9 EXPFIX slesdebian debian wireshark 10y ago epan/dissectors/packet-packetbb.c in the PacketBB dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and appl…
CVE-2016-6504 medium 5.9 6.9 EXPFIX slesdebian debian wireshark 10y ago epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1.12.x before 1.12.13 does not properly maintain a ptvc data structure, which allows remote attackers to cause a denial of service…
CVE-2016-6503 medium 5.9 6.9 EXPFIX slesdebian debian wireshark 10y ago The CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit Windows platforms do not properly interact with Visual C++ compiler options, which allows remote attackers to cause a denial of servic…
CVE-2016-6187 high 7.8 8.8 EXPFIX debian debian linux-kernel 10y ago The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor …
CVE-2016-6186 medium 6.1 7.1 EXPFIX slesdebian debian djangoproject 10y ago Cross-site scripting (XSS) vulnerability in the dismissChangeRelatedObjectPopup function in contrib/admin/static/admin/js/admin/RelatedObjectLookups.js in Django before 1.8.14, 1.9.x before 1.9.8, an…
CVE-2016-5639 high 7.5 8.5 EXP 10y ago Directory traversal vulnerability in cgi-bin/login.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the src …
CVE-2016-1611 high 7.8 8.8 EXP novell 10y ago Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's conten…
CVE-2016-1610 high 7.5 8.5 EXP novell 10y ago Directory traversal vulnerability in the email-template feature in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote attackers to bypass intended access restrict…
CVE-2016-1609 medium 5.4 6.4 EXP novell 10y ago Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTM…
CVE-2016-1608 high 8.8 9.8 EXP novell 10y ago vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer pa…
CVE-2016-1607 high 7.2 8.2 EXP novell 10y ago Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administr…
CVE-2016-4469 high 8.8 9.8 EXP apache 10y ago Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repo…
CVE-2016-4625 high 7.8 8.8 EXP macos macos 10y ago Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors.
CVE-2016-1863 high 7.8 8.8 EXPFIX macos macos 10y ago The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspe…
CVE-2016-3542 medium 6.5 7.5 EXP oracle 10y ago Unspecified vulnerability in the Oracle Knowledge Management component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote administrators to affect confidentia…
CVE-2016-4232 high 7.5 8.5 EXP sles linux-kernelwindows windows adobe 10y ago Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory …
CVE-2016-4231 high 8.8 9.8 EXP sles linux-kernelwindows windows adobe 10y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary…
CVE-2016-4230 high 8.8 9.8 EXP sles linux-kernelwindows windows adobe 10y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary…
CVE-2016-4229 high 8.8 9.8 EXP sles linux-kernelwindows windows adobe 10y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary…
CVE-2016-4228 high 8.8 9.8 EXP sles linux-kernelwindows windows adobe 10y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary…
CVE-2016-4227 high 8.8 9.8 EXP sles linux-kernelwindows windows adobe 10y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary…
CVE-2016-4226 high 8.8 9.8 EXP sles linux-kernelwindows windows adobe 10y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary…
CVE-2016-4179 high 8.8 9.8 EXP sles linux-kernelwindows windows adobe 10y ago Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of servi…
CVE-2016-4177 high 8.8 9.8 EXP sles linux-kernelwindows windows adobe 10y ago Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of servi…
CVE-2016-4176 high 8.8 9.8 EXP sles linux-kernelwindows windows adobe 10y ago Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of servi…
CVE-2016-4175 high 8.8 9.8 EXP sles linux-kernelwindows windows adobe 10y ago Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of servi…
CVE-2016-6174 high 8.1 9.1 EXP invisioncommunityphp 10y ago applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.…
CVE-2016-4998 high 7.1 8.1 EXPFIX slesdebian debian linux-kernel 10y ago The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sens…
CVE-2016-4997 high 7.8 8.8 EXPFIX slesdebian debian linux-kernel novell 10y ago The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of …
CVE-2016-1337 high 8.1 9.1 EXP 10y ago Cisco EPC3928 devices allow remote attackers to obtain sensitive configuration and credential information by making requests during the early part of the boot process, related to a "Boot Information …
CVE-2016-1336 high 7.5 8.5 EXP 10y ago goform/Docsis_system on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long LanguageSelect parameter, related to a "Gateway HTTP Corruption Denial of …
CVE-2016-1328 high 7.5 8.5 EXP 10y ago goform/WClientMACList on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long h_sortWireless parameter, related to a "Gateway Client List Denial of Ser…
CVE-2016-3989 high 8.1 9.1 EXP 10y ago The NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, an…
CVE-2016-3962 high 7.3 8.3 EXP 10y ago Stack-based buffer overflow in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, …
CVE-2016-0400 medium 6.1 7.1 EXP ibm 10y ago CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP hea…
CVE-2016-5304 medium 6.8 7.8 EXP symantec 10y ago Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites…
CVE-2016-3653 high 8.0 9.0 EXP symantec 10y ago Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the auth…
CVE-2016-3652 medium 5.4 6.4 EXP symantec 10y ago Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web s…
CVE-2016-3646 high 8.4 9.4 EXP symantec 10y ago The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SE…
CVE-2016-3644 high 8.4 9.4 EXP symantec 10y ago The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SE…
CVE-2016-2210 high 7.3 8.3 EXP macos macos linux-kernel symantec 10y ago Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway…
CVE-2016-2209 high 7.3 8.3 EXP macos macos linux-kernel symantec 10y ago Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway;…
CVE-2016-2207 high 8.4 9.4 EXP macos macos linux-kernel symantec 10y ago The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SE…
CVE-2016-4971 high 8.8 9.8 EXPFIX slesubuntu ubuntudebian debian gnu 10y ago GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
CVE-2016-4309 high 7.5 8.5 EXP getsymphony 10y ago Session fixation vulnerability in Symphony CMS 2.6.7, when session.use_only_cookies is disabled, allows remote attackers to hijack web sessions via the PHPSESSID parameter.
CVE-2016-5840 high 7.2 8.2 EXP trend_micro 10y ago hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename…
CVE-2016-1583 high 7.8 8.8 EXPFIX slesdebian debian linux-kernel novell 10y ago The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vecto…
CVE-2016-1861 high 7.8 8.8 EXP macos macos 10y ago The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted ap…
CVE-2016-4137 high 8.8 9.8 EXP sles rhelmacos macos adobe 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-4136 high 8.8 9.8 EXP sles rhelmacos macos adobe 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-4135 high 8.8 9.8 EXP sles rhelmacos macos adobe 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-3225 high 7.8 8.8 EXP windows windows 10y ago The SMB server component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 …
CVE-2016-3223 high 8.1 9.1 EXP windows windows 10y ago Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle LDAP authenticatio…
CVE-2016-3222 high 8.8 9.8 EXP microsoft 10y ago Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
CVE-2016-3220 high 7.8 8.8 EXP windows windows 10y ago atmfd.dll in the Adobe Type Manager Font Driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Wi…
CVE-2016-3219 high 7.8 8.8 EXP windows windows 10y ago The kernel-mode driver in Microsoft Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
CVE-2016-3216 medium 4.3 5.3 EXP windows windows 10y ago GDI32.dll in the Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gol…
CVE-2016-3213 high 8.8 9.8 EXP windows windows microsoft 10y ago The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT…
CVE-2016-0199 high 8.8 9.8 EXP microsoft 10y ago Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
CVE-2016-3670 medium 6.1 7.1 EXP liferay 10y ago Liferay Portal Vulnerable to XSS in Profile Search Functionality
CVE-2016-1543 high 7.5 8.5 EXP bmc 10y ago The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary use…
CVE-2016-1542 high 7.5 8.5 EXP bmc 10y ago The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and enumerate users by send…
CVE-2016-2819 high 8.8 9.8 EXPFIX slesdebian debianubuntu ubuntu mozilla 10y ago Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fr…
CVE-2016-2494 high 7.8 8.8 EXP 10y ago Off-by-one error in sdcard/sdcard.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as de…
CVE-2015-7611 high 8.1 9.1 EXP apache 10y ago Apache James Server OS Command Injection
CVE-2016-2784 medium 4.7 5.7 EXP cmsmadesimple 10y ago CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty Cache is activated, allow remote attackers to conduct cache poisoning attacks, modify links, and conduct cross-site scripting (XSS)…
CVE-2016-1887 high 7.8 8.8 EXP freebsd freebsd 10y ago Integer signedness error in the sockargs function in sys/kern/uipc_syscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service (memory o…
CVE-2016-1886 high 7.8 8.8 EXP freebsd freebsd 10y ago Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive…
CVE-2016-4578 medium 5.5 6.5 EXPFIX sles linux-kerneldebian debian 10y ago sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of…
CVE-2016-4558 high 7.0 8.0 EXPFIX slesdebian debianubuntu ubuntu 10y ago The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a …
CVE-2016-4557 high 7.8 8.8 EXPFIX sles linux-kerneldebian debian 10y ago The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or caus…
CVE-2016-1848 high 7.8 8.8 EXP macos macos 10y ago QuickTime in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.
CVE-2016-1846 high 7.8 8.8 EXP macos macos 10y ago The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of…
CVE-2016-1839 medium 5.5 6.5 EXPFIX slesdebian debian rhel mcafeexmlsoft 10y ago The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial o…
CVE-2016-1838 medium 5.5 6.5 EXPFIX debian debian rhelubuntu ubuntu mcafeexmlsoft 10y ago The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to…
CVE-2016-1828 high 7.8 8.8 EXPFIX macos macos 10y ago The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service …
CVE-2016-1827 high 7.8 8.8 EXPFIX macos macos 10y ago The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service …
CVE-2016-1825 high 7.8 8.8 EXP macos macos 10y ago IOHIDFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1823 high 7.8 8.8 EXPFIX macos macos 10y ago The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged c…
CVE-2016-1821 high 7.8 8.8 EXP macos macos 10y ago IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
CVE-2016-1819 high 7.8 8.8 EXPFIX macos macos 10y ago Use-after-free vulnerability in the IOAccelContext2::clientMemoryForType method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute…
CVE-2016-1813 high 7.8 8.8 EXPFIX macos macos 10y ago The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a priv…
CVE-2016-1807 medium 5.1 6.1 EXPFIX macos macos 10y ago Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel …
CVE-2016-1803 high 7.8 8.8 EXPFIX macos macos 10y ago CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service…
CVE-2016-1794 high 7.8 8.8 EXP macos macos 10y ago The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of serv…
CVE-2016-1793 high 7.8 8.8 EXP macos macos 10y ago AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted …
CVE-2016-4108 high 7.5 8.5 EXP microsoftadobe 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-1106 high 7.5 8.5 EXP microsoftadobe 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-1105 high 7.5 8.5 EXP microsoftadobe 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-1104 high 7.5 8.5 EXP microsoftadobe 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-1103 high 7.5 8.5 EXP microsoftadobe 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-1102 high 7.5 8.5 EXP microsoftadobe 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-1101 high 7.5 8.5 EXP adobemicrosoft 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-1096 high 7.5 8.5 EXP adobemicrosoft 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-0173 high 7.8 8.8 EXP windows windows 10y ago The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 a…