CVEs from 2016
Total
8,431
critical
critical 1,165
high
high 3,521
medium
medium 3,172
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-9827 | medium | 5.5 | 5.5 | 9y ago | The _iprintf function in outputtxt.c in the listswf tool in libming 0.4.7 allows remote attackers to cause a denial of service (buffer over-read) via a crafted SWF file. | |||
| CVE-2016-9773 | medium | 5.5 | 5.5 | 9y ago | Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a craft… | |||
| CVE-2016-8681 | medium | 5.5 | 5.5 | 9y ago | The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20161001 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) by calling the dwarfdump command on … | |||
| CVE-2016-8678 | medium | 5.5 | 5.5 | 9y ago | The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the… | |||
| CVE-2016-8676 | medium | 5.5 | 5.5 | 9y ago | The get_vlc2 function in get_bits.h in Libav 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file. NOTE: this issue exists due to an … | |||
| CVE-2016-8675 | medium | 5.5 | 5.5 | 9y ago | The get_vlc2 function in get_bits.h in Libav before 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file, possibly related to startcod… | |||
| CVE-2016-8674 | medium | 5.5 | 5.5 | 9y ago | The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file. | |||
| CVE-2016-7499 | medium | 5.5 | 5.5 | 9y ago | The sbr_make_f_master function in aacsbr.c in Libav 11.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file. | |||
| CVE-2016-7477 | medium | 5.5 | 5.5 | 9y ago | The ff_put_pixels8_xy2_mmx function in rnd_template.c in Libav 11.7 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted mp3 file. NOTE: this issue wa… | |||
| CVE-2016-7393 | medium | 5.5 | 5.5 | 9y ago | Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav before 11.5 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | |||
| CVE-2016-7392 | medium | 5.5 | 5.5 | 9y ago | Heap-based buffer overflow in the pstoedit_suffix_table_init function in output-pstoedit.c in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted… | |||
| CVE-2016-8944 | medium | 5.5 | 5.5 | 9y ago | IBM AIX 7.1 and 7.2 allows a local user to open a file with a specially crafted argument that would crash the system. IBM APARs: IV91488, IV91487, IV91456, IV90234. | |||
| CVE-2016-8692 | medium | 5.5 | 5.5 | 9y ago | The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YR… | |||
| CVE-2016-8691 | medium | 5.5 | 5.5 | 9y ago | The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XR… | |||
| CVE-2016-8690 | medium | 5.5 | 5.5 | 9y ago | The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo comm… | |||
| CVE-2016-8688 | medium | 5.5 | 5.5 | 9y ago | The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which trig… | |||
| CVE-2016-6832 | medium | 5.5 | 5.5 | 9y ago | Heap-based buffer overflow in the ff_audio_resample function in resample.c in libav before 11.4 allows remote attackers to cause a denial of service (crash) via vectors related to buffer resizing. | |||
| CVE-2016-9354 | medium | 5.5 | 5.5 | 9y ago | An issue was discovered in Moxa DACenter Versions 1.4 and older. A specially crafted project file may cause the program to crash because of Uncontrolled Resource Consumption. | |||
| CVE-2016-4546 | medium | 5.5 | 5.5 | 9y ago | Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. | |||
| CVE-2016-10198 | medium | 5.5 | 5.5 | 9y ago | The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and … | |||
| CVE-2016-0203 | medium | 5.5 | 5.5 | 10y ago | A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual … | |||
| CVE-2016-3020 | medium | 5.5 | 5.5 | 10y ago | IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation. By persuading a victim to open specia… | |||
| CVE-2016-9532 | medium | 5.5 | 5.5 | 10y ago | Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tif file. | |||
| CVE-2016-5102 | medium | 5.5 | 5.5 | 10y ago | Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file. | |||
| CVE-2016-10154 | medium | 5.5 | 5.5 | 10y ago | The smbhash function in fs/cifs/smbencrypt.c in the Linux kernel 4.9.x before 4.9.1 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (sys… | |||
| CVE-2016-4797 | medium | 5.5 | 5.5 | 10y ago | Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE:… | |||
| CVE-2016-4796 | medium | 5.5 | 5.5 | 10y ago | Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file. | |||
| CVE-2016-3183 | medium | 5.5 | 5.5 | 10y ago | The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file. | |||
| CVE-2016-9642 | medium | 5.5 | 5.5 | 10y ago | JavaScriptCore in WebKit allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file. | |||
| CVE-2016-9082 | medium | 5.5 | 5.5 | 10y ago | Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file. | |||
| CVE-2016-8569 | medium | 5.5 | 5.5 | 10y ago | The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file. | |||
| CVE-2016-8568 | medium | 5.5 | 5.5 | 10y ago | The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. | |||
| CVE-2016-6163 | medium | 5.5 | 5.5 | 10y ago | The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file. | |||
| CVE-2016-5241 | medium | 5.5 | 5.5 | 10y ago | magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file. | |||
| CVE-2016-5115 | medium | 5.5 | 5.5 | 10y ago | The avcodec_decode_audio4 function in libavcodec in libavformat 57.34.103, as used in MPlayer, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file. | |||
| CVE-2016-4571 | medium | 5.5 | 5.5 | 10y ago | The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. | |||
| CVE-2016-4570 | medium | 5.5 | 5.5 | 10y ago | The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. | |||
| CVE-2016-4352 | medium | 5.5 | 5.5 | 10y ago | Integer overflow in the demuxer function in libmpdemux/demux_gif.c in Mplayer allows remote attackers to cause a denial of service (crash) via large dimensions in a gif file. | |||
| CVE-2016-2318 | medium | 5.5 | 5.5 | 10y ago | GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartEle… | |||
| CVE-2016-2317 | medium | 5.5 | 5.5 | 10y ago | Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) G… | |||
| CVE-2016-6238 | medium | 5.5 | 5.5 | 10y ago | The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds read) via a crafted jpeg file. | |||
| CVE-2016-6237 | medium | 5.5 | 5.5 | 10y ago | The build_huffcodes function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds write) via a crafted jpeg file. | |||
| CVE-2016-6236 | medium | 5.5 | 5.5 | 10y ago | The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg file. | |||
| CVE-2016-6235 | medium | 5.5 | 5.5 | 10y ago | The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (segmentation fault) via a crafted jpeg file. | |||
| CVE-2016-6234 | medium | 5.5 | 5.5 | 10y ago | The process_file function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (crash) via a crafted jpeg file. | |||
| CVE-2016-8963 | medium | 5.5 | 5.5 | 10y ago | IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user. | |||
| CVE-2016-2941 | medium | 5.5 | 5.5 | 10y ago | IBM UrbanCode Deploy creates temporary files during step execution that could contain sensitive information including passwords that could be read by a local user. | |||
| CVE-2016-8967 | medium | 5.5 | 5.5 | 10y ago | IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear text which can be read by a local user. | |||
| CVE-2016-0371 | medium | 5.5 | 5.5 | 10y ago | The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled. | |||
| CVE-2016-8981 | medium | 5.5 | 5.5 | 10y ago | IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system. | |||
| CVE-2016-8697 | medium | 5.5 | 5.5 | 10y ago | The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted BMP image. | |||
| CVE-2016-8696 | medium | 5.5 | 5.5 | 10y ago | The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulne… | |||
| CVE-2016-8695 | medium | 5.5 | 5.5 | 10y ago | The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulne… | |||
| CVE-2016-8694 | medium | 5.5 | 5.5 | 10y ago | The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulne… | |||
| CVE-2016-8685 | medium | 5.5 | 5.5 | 10y ago | The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted BMP image. | |||
| CVE-2016-9039 | medium | 5.5 | 5.5 | 10y ago | An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An at… | |||
| CVE-2016-5434 | medium | 5.5 | 5.5 | 10y ago | libalpm, as used in pacman 5.0.1, allows remote attackers to cause a denial of service (infinite loop or out-of-bounds read) via a crafted signature file. | |||
| CVE-2016-5026 | medium | 5.5 | 5.5 | 10y ago | hs.py in OnionShare before 0.9.1 allows local users to modify the hiddenservice by pre-creating the /tmp/onionshare directory. | |||
| CVE-2016-9298 | medium | 5.5 | 5.5 | 10y ago | Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted im… | |||
| CVE-2016-7569 | medium | 5.5 | 5.5 | 10y ago | Directory traversal vulnerability in docker2aci before 0.13.0 allows remote attackers to write to arbitrary files via a .. (dot dot) in the embedded layer data in an image. | |||
| CVE-2016-5825 | medium | 5.5 | 5.5 | 10y ago | The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file. | |||
| CVE-2016-5824 | medium | 5.5 | 5.5 | 10y ago | libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. | |||
| CVE-2016-5823 | medium | 5.5 | 5.5 | 10y ago | The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. | |||
| CVE-2016-3996 | medium | 5.5 | 5.5 | 10y ago | ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application. | |||
| CVE-2016-1920 | medium | 5.5 | 5.5 | 10y ago | Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service. | |||
| CVE-2016-9317 | medium | 5.5 | 5.5 | 10y ago | The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image. | |||
| CVE-2016-6911 | medium | 5.5 | 5.5 | 10y ago | The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image. | |||
| CVE-2016-10025 | medium | 5.5 | 5.5 | 10y ago | VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging … | |||
| CVE-2016-9401 | medium | 5.5 | 5.5 | 10y ago | popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. | |||
| CVE-2016-7410 | medium | 5.5 | 5.5 | 10y ago | The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 20160613 allows attackers to cause a denial of service (buffer over-read) via a crafted file. | |||
| CVE-2016-10147 | medium | 5.5 | 5.5 | 10y ago | crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm… | |||
| CVE-2016-9278 | medium | 5.5 | 5.5 | 10y ago | The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. The Samsung ID is SVE… | |||
| CVE-2016-9273 | medium | 5.5 | 5.5 | 10y ago | tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode. | |||
| CVE-2016-7906 | medium | 5.5 | 5.5 | 10y ago | magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file. | |||
| CVE-2016-9810 | medium | 5.5 | 5.5 | 10y ago | The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) v… | |||
| CVE-2016-9807 | medium | 5.5 | 5.5 | 10y ago | The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file. | |||
| CVE-2016-8883 | medium | 5.5 | 5.5 | 10y ago | The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. | |||
| CVE-2016-8882 | medium | 5.5 | 5.5 | 10y ago | The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. | |||
| CVE-2016-8467 | medium | 5.5 | 5.5 | 10y ago | An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent … | |||
| CVE-2016-10135 | medium | 5.5 | 5.5 | 10y ago | An issue was discovered on LG devices using the MTK chipset with L(5.0/5.1), M(6.0/6.0.1), and N(7.0) software, and RCA Voyager Tablet, BLU Advance 5.0, and BLU R1 HD devices. The MTKLogger app with … | |||
| CVE-2016-8463 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to … | |||
| CVE-2016-8462 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access … | |||
| CVE-2016-8461 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access … | |||
| CVE-2016-8460 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it c… | |||
| CVE-2016-8400 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the NVIDIA librm library (libnvrm) could enable a local malicious application to access data outside of its permission levels. This issue is rated as Modera… | |||
| CVE-2016-8397 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it c… | |||
| CVE-2016-8396 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the MediaTek video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it… | |||
| CVE-2016-6773 | medium | 5.5 | 5.5 | 10y ago | An information disclosure vulnerability in the ih264d decoder in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderat… | |||
| CVE-2016-6767 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remot… | |||
| CVE-2016-6766 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability in libmedia and libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High … | |||
| CVE-2016-6765 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the po… | |||
| CVE-2016-6764 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remot… | |||
| CVE-2016-6763 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability in Telephony could enable a local malicious application to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the poss… | |||
| CVE-2016-9869 | medium | 5.5 | 5.5 | 10y ago | An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorrect permissions on the SCINI driver may allow a low-privileged local attacker to modify the configuration and render the ScaleIO … | |||
| CVE-2016-9868 | medium | 5.5 | 5.5 | 10y ago | An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which … | |||
| CVE-2016-4329 | medium | 5.5 | 5.5 | 10y ago | A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. Sending certain unhandled window messages, an attacker can cause ap… | |||
| CVE-2016-4307 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel dr… | |||
| CVE-2016-4306 | medium | 5.5 | 5.5 | 10y ago | Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memor… | |||
| CVE-2016-4305 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability exists in the syscall filtering functionality of Kaspersky Internet Security KLIF driver. A specially crafted native api call can cause a access violation in KLIF ke… | |||
| CVE-2016-4304 | medium | 5.5 | 5.5 | 10y ago | A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. A specially crafted native api call request can cause a access violatio… |