Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 98530 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2016-9824 Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. MEDIUM Mar 2, 2017 n/a
CVE-2016-9823 libavcodec/x86/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. MEDIUM Mar 2, 2017 n/a
CVE-2016-9822 Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. MEDIUM Mar 2, 2017 n/a
CVE-2016-9821 Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. MEDIUM Mar 2, 2017 n/a
CVE-2016-9820 libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. MEDIUM Mar 2, 2017 n/a
CVE-2016-9819 libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. MEDIUM Mar 2, 2017 n/a
CVE-2016-9818 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP. MEDIUM Feb 28, 2017 n/a
CVE-2016-9817 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set. MEDIUM Feb 28, 2017 n/a
CVE-2016-9816 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at EL2. MEDIUM Feb 28, 2017 n/a
CVE-2016-9815 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort. MEDIUM Feb 28, 2017 n/a
CVE-2016-9814 The validateSignature method in the SAML2Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service (memory consumption) by leveraging improper conversion of return values to boolean. HIGH Feb 16, 2017 n/a
CVE-2016-9813 The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. MEDIUM Jan 17, 2017 n/a
CVE-2016-9812 The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section. MEDIUM Jan 17, 2017 n/a
CVE-2016-9811 The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file. MEDIUM Jan 17, 2017 n/a
CVE-2016-9810 The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via an invalid file, which triggers an incorrect unref call. MEDIUM Jan 17, 2017 n/a
CVE-2016-9809 Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read. MEDIUM Jan 17, 2017 n/a
CVE-2016-9808 The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs. MEDIUM Jan 17, 2017 n/a
CVE-2016-9807 The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file. MEDIUM Jan 17, 2017 n/a
CVE-2016-9806 Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated. HIGH Dec 28, 2016 n/a
CVE-2016-9804 In BlueZ 5.42, a buffer overflow was observed in commands_dump function in tools/parser/csr.c source file. The issue exists because commands array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame frm->ptr parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. MEDIUM Dec 7, 2016 n/a
CVE-2016-9803 In BlueZ 5.42, an out-of-bounds read was observed in le_meta_ev_dump function in tools/parser/hci.c source file. This issue exists because \'subevent\' (which is used to read correct element from \'ev_le_meta_str\' array) is overflowed. MEDIUM Dec 7, 2016 n/a
CVE-2016-9802 In BlueZ 5.42, a buffer over-read was identified in l2cap_packet function in monitor/packet.c source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash. MEDIUM Dec 7, 2016 n/a
CVE-2016-9801 In BlueZ 5.42, a buffer overflow was observed in set_ext_ctrl function in tools/parser/l2cap.c source file when processing corrupted dump file. MEDIUM Dec 7, 2016 n/a
CVE-2016-9800 In BlueZ 5.42, a buffer overflow was observed in pin_code_reply_dump function in tools/parser/hci.c source file. The issue exists because pin array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame pin_code_reply_cp *cp parameter. MEDIUM Dec 7, 2016 n/a
CVE-2016-9799 In BlueZ 5.42, a buffer overflow was observed in pklg_read_hci function in btsnoop.c source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash. MEDIUM Dec 7, 2016 n/a
CVE-2016-9798 In BlueZ 5.42, a use-after-free was identified in conf_opt function in tools/parser/l2cap.c source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. MEDIUM Dec 7, 2016 n/a
CVE-2016-9797 In BlueZ 5.42, a buffer over-read was observed in l2cap_dump function in tools/parser/l2cap.c source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. MEDIUM Dec 7, 2016 n/a
CVE-2016-9796 Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs interfaces, which can be queried using the GIOP protocol on TCP port 30024. An attacker can bypass authentication, and OmniVista invokes methods (AddJobSet, AddJob, and ExecuteNow) that can be used to run arbitrary commands on the server, with the privilege of NT AUTHORITYSYSTEM on the server. NOTE: The discoverer states The vendor position is to refer to the technical guidelines of the product security deployment to mitigate this issue, which means applying proper firewall rules to prevent unauthorised clients to connect to the OmniVista server. HIGH Dec 7, 2016 n/a
CVE-2016-9795 The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation. HIGH Jan 30, 2017 n/a
CVE-2016-9794 Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command. HIGH Dec 28, 2016 n/a
CVE-2016-9793 The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option. HIGH Dec 28, 2016 n/a
CVE-2016-9778 An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c MEDIUM Jan 11, 2017 n/a
CVE-2016-9777 KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h. MEDIUM Dec 28, 2016 n/a
CVE-2016-9776 QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in \'mcf_fec_receive\'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading to DoS. LOW Dec 30, 2016 n/a
CVE-2016-9775 The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45+dfsg-1~deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u7 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to gain root privileges via a setgid program in the Catalina directory, as demonstrated by /etc/tomcat8/Catalina/attack. HIGH Mar 24, 2017 n/a
CVE-2016-9774 The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u8 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to obtain sensitive information or gain root privileges via a symlink attack on the Catalina localhost directory. HIGH Mar 23, 2017 n/a
CVE-2016-9773 Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9556. MEDIUM Feb 23, 2017 n/a
CVE-2016-9772 OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses. MEDIUM Feb 6, 2017 n/a
CVE-2016-9757 In the Create Tags page of the Rapid7 Nexpose version 6.4.12 user interface, any authenticated user who has the capability to create tags can inject cross-site scripting (XSS) elements in the tag name field. Once this tag is viewed in the Tag Detail page of the Rapid7 Nexpose 6.4.12 UI by another authenticated user, the script is run in that user's browser context. LOW Dec 27, 2016 n/a
CVE-2016-9756 arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. LOW Dec 28, 2016 n/a
CVE-2016-9755 The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket, connect, and writev system calls, related to net/ipv6/netfilter/nf_conntrack_reasm.c and net/ipv6/netfilter/nf_defrag_ipv6_hooks.c. MEDIUM Dec 28, 2016 n/a
CVE-2016-9754 The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file. HIGH Jan 6, 2017 n/a
CVE-2016-9752 In Serendipity before 2.0.5, an attacker can bypass SSRF protection by using a malformed IP address (e.g., http://127.1) or a 30x (aka Redirection) HTTP status code. MEDIUM Dec 2, 2016 n/a
CVE-2016-9751 Cross-site scripting (XSS) vulnerability in the search results front end in Piwigo 2.8.3 allows remote attackers to inject arbitrary web script or HTML via the search parameter. MEDIUM Dec 6, 2016 n/a
CVE-2016-9750 IBM QRadar 7.2 and 7.3 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 120207. MEDIUM May 23, 2017 n/a
CVE-2016-9749 IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation. IBM X-Force ID: 120206. LOW Nov 8, 2018 n/a
CVE-2016-9748 IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system. MEDIUM Feb 15, 2017 n/a
CVE-2016-9747 IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. LOW Jun 23, 2017 n/a
CVE-2016-9746 IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119821. LOW Jul 6, 2017 n/a
CVE-2016-9740 IBM QRadar 7.2 could allow a remote attacker to consume all resources on the server due to not properly restricting the size or amount of resources requested by an actor. IBM Reference #: 1999556. HIGH Mar 8, 2017 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online