Search Results (26285 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-6247 1 Openbsd 1 Openbsd 2025-04-20 N/A
OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist.
CVE-2016-6246 1 Openbsd 1 Openbsd 2025-04-20 N/A
OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node.
CVE-2016-6244 1 Openbsd 1 Openbsd 2025-04-20 N/A
The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value.
CVE-2016-6243 1 Openbsd 1 Openbsd 2025-04-20 N/A
thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call.
CVE-2017-7683 1 Apache 1 Openmeetings 2025-04-20 N/A
Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error stack trace, which is not secure.
CVE-2016-6239 1 Openbsd 1 Openbsd 2025-04-20 N/A
The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attackers to cause a denial of service (kernel panic and crash) via a large size value.
CVE-2016-10703 1 Ecstatic Project 1 Ecstatic 2025-04-20 7.5 High
A regular expression Denial of Service (DoS) vulnerability in the file lib/ecstatic.js of the ecstatic npm package, before version 2.0.0, allows a remote attacker to overload and crash a server by passing a maliciously crafted string.
CVE-2016-6234 1 Lepton Project 1 Lepton 2025-04-20 N/A
The process_file function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (crash) via a crafted jpeg file.
CVE-2016-6220 1 Trendmicro 1 Control Manager 2025-04-20 7.5 High
Information Disclosure vulnerability in the Dashboard and Error Pages in Trend Micro Control Manager SP3 6.0.
CVE-2016-6206 1 Huawei 2 Ar3200, Ar3200 Firmware 2025-04-20 N/A
Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet.
CVE-2017-8709 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2025-04-20 N/A
The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8708, CVE-2017-8679, and CVE-2017-8719.
CVE-2017-8714 1 Microsoft 4 Windows 10, Windows 8.1, Windows Server 2012 and 1 more 2025-04-20 N/A
The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2,, Windows 10 1607, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Remote Desktop Virtual Host Remote Code Execution Vulnerability".
CVE-2016-6131 1 Gnu 1 Libiberty 2025-04-20 N/A
The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.
CVE-2016-2517 1 Ntp 1 Ntp 2025-04-20 N/A
NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey. NOTE: this vulnerability exists because of a CVE-2016-2516 regression.
CVE-2016-3731 1 Moodle 1 Moodle 2025-04-20 N/A
Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, and 2.8 through 2.8.11 allows remote attackers to obtain the names of hidden forums and forum discussions.
CVE-2016-3732 1 Moodle 1 Moodle 2025-04-20 N/A
The capability check to access other badges in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to read the badges of other users.
CVE-2016-6122 1 Ibm 1 Kenexa Lms On Cloud 2025-04-20 N/A
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 discloses answers to security questions in a response to authenticated users.
CVE-2016-6116 1 Ibm 1 Security Key Lifecycle Manager 2025-04-20 N/A
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
CVE-2016-4841 1 Cybozu 1 Mailwise 2025-04-20 N/A
Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers.
CVE-2016-6102 1 Ibm 1 Security Key Lifecycle Manager 2025-04-20 N/A
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM Reference #: 2000359.