CVSS: 9.8EPSS: 5%CPEs: 9EXPL: 0CVE-2016-4002
https://notcve.org/view.php?id=CVE-2016-4002
Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes. Desbordamiento de buffer en la función mipsnet_receive en hw/net/mipsnet.c en QEMU, cuando el NIC invitado se configura para aceptar paquetes grandes, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de QEMU) o posiblemente ejecutar código arbitrario a través de un paquete de más de 1514 bytes. • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.html http://www.openwall.com/lists/oss-security/2016/04/11/6 http://www.openwall.com/lists/oss-security/2016/04/12/7 http://www.securityfocus.com/bid/85992 http://www.ubuntu.com/usn/USN-2974-1 https://bugzilla.redhat.com/show_bug.cgi?id=1326082 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 46%CPEs: 13EXPL: 3CVE-2016-3074 – libgd 2.1.1 - Signedness Heap Overflow
https://notcve.org/view.php?id=CVE-2016-3074
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow. Error de entero sin signo en GD Graphics Library 2.1.1 (también conocida como libgd o libgd2) permite a atacantes remotos provocar una denegación de servicio (caída) o potencialmente ejecutar código arbitrario a través de datos gd2 comprimidos manipulados, lo que desencadena un desbordamiento de buffer basado en memoria dinámica. A signedness vulnerability exists in libgd version 2.1.1 which may result in a heap overflow when processing compressed gd2 data. • https://www.exploit-db.com/exploits/39736 http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183263.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183724.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00031.html http://packetstormsecurity.com/files/136757/libgd-2.1.1-Signedness.html http://rhn.redhat.com/errata/RHSA-2016-2750.html http://seclists.org/fulldisclosure/2016/Apr/72 http://www.debian.org/security/2016/dsa-3556 http& • CWE-122: Heap-based Buffer Overflow CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2016-3960
https://notcve.org/view.php?id=CVE-2016-3960
Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping. Desbordamiento de entero en el código shadow pagetable en Xen permite a usuarios locales del SO invitado provocar una denegación de servicio (caída de host) o posiblemente obtener privilegios sombreando un mapeo de superpágina. • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.html http://support.citrix.com/article/CTX209443 http://www.debian.org/security/2016/dsa-3554 http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://www.securityfocus.com/bid/86318 http://www.securitytracker.com/id/1035587 http://xenbits • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 2CVE-2016-4021 – pgpdump 0.29 Endless Loop
https://notcve.org/view.php?id=CVE-2016-4021
The read_binary function in buffer.c in pgpdump before 0.30 allows context-dependent attackers to cause a denial of service (infinite loop and CPU consumption) via crafted input, as demonstrated by the \xa3\x03 string. La función read_binary en buffer.c en pgpdump en versiones anteriores a 0.30 permite a atacantes dependientes del contexto provocar una denegación de servicio (bucle infinito y consumo de CPU) a través de una entrada manipulada, según lo demostrado por la cadena \xa3\x03. pgpdump version 0.29 suffers from an endless loop parsing issue that can lead to a denial of service. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183750.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184617.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184689.html http://seclists.org/bugtraq/2016/Apr/99 https://github.com/kazu-yamamoto/pgpdump/pull/16 https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-3071
https://notcve.org/view.php?id=CVE-2016-3071
Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform. Libreswan 3.16 podría permitir a atacantes remotos provocar una denegación de servicio (reinicio del demonio) a través de una tranformación de IKEv2 aes_xcbc. • http://download.libreswan.org/CHANGES http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182050.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182130.html http://www.securityfocus.com/bid/87295 https://libreswan.org/security/CVE-2016-3071/CVE-2016-3071.txt • CWE-20: Improper Input Validation CWE-310: Cryptographic Issues •