CVSS: 9.3EPSS: 4%CPEs: 34EXPL: 0CVE-2016-4156 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4156
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html •
CVSS: 9.3EPSS: 2%CPEs: 29EXPL: 0CVE-2016-4153 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4153
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 3%CPEs: 29EXPL: 0CVE-2016-4154 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4154
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2014-9773
https://notcve.org/view.php?id=CVE-2014-9773
13 Jun 2016 — modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks. modules/chanserv/flags.c en Atheme en versiones anteriores a 7.2.7 permite a atacantes remotos modificar el comportamiento de Anope FLAGS registrando y soltando (1) LIST, (2) CLEAR o (3) MODIFY nicks de palabras clave. • http://lists.opensuse.org/opensuse-updates/2016-05/msg00061.html • CWE-284: Improper Access Control •
CVSS: 9.1EPSS: 2%CPEs: 3EXPL: 0CVE-2015-8869 – ocaml: sizes arguments are sign-extended from 32 to 64 bits
https://notcve.org/view.php?id=CVE-2015-8869
13 Jun 2016 — OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function. OCaml en versiones anteriores a 4.03.0 no maneja correctamente extensiones de firma, lo que permite a atacantes remotos llevar a cabo ataques de desbordamiento de buffer u obtener información sensible según lo demostrado por una cadena larga para la función String.copy. An integer conversio... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184507.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-194: Unexpected Sign Extension CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 0CVE-2016-4414
https://notcve.org/view.php?id=CVE-2016-4414
13 Jun 2016 — The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data. La función onReadyRead en core/coreauthhandler.cpp en Quassel en versiones anteriores a 0.12.4 permite a atacantes remotos provocar una caída de servicio (referencia a un puntero NULL y caída) a través de una información handshake no válida. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183571.html •
CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2016-5104 – Ubuntu Security Notice USN-3026-1
https://notcve.org/view.php?id=CVE-2016-5104
13 Jun 2016 — The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket. La función socket_create en common/socket.c en libimobiledevice y libusbmuxd permite a atacantes remotos eludir las restricciones destinadas al acceso y comunicarse con servicios en dispositivos de iOS conectándose a un socket IPv4 TCP. It was discovered that libimobiledevice incorrect... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00042.html • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2016-2824
https://notcve.org/view.php?id=CVE-2016-2824
13 Jun 2016 — The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows, allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact by triggering use of a WebGL shader that writes to an array. La clase TSymbolTableLevel en ANGLE, tal como se utiliza en Mozilla Firefox en versiones anteriores a 47.0 y Firefox ESR 45.x en versiones anteriores a 45.2 en Windows, permite a atacantes r... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 1%CPEs: 7EXPL: 0CVE-2016-4429 – Ubuntu Security Notice USN-3239-3
https://notcve.org/view.php?id=CVE-2016-4429
10 Jun 2016 — Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets. Desbordamiento del buffer basado en pila en la función clntudp_call en sunrpc/clnt_udp.c en GNU C Library (también conocida como glibc o libc6) permite a atacantes remotos provocar una denegación del servicio (caída) o posiblemente tener otro impacto ... • http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2016-3706 – Ubuntu Security Notice USN-3239-3
https://notcve.org/view.php?id=CVE-2016-3706
10 Jun 2016 — Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458. Desbordamiento del buffer basado en pila en la función getaddrinfo en sysdeps/posix/getaddrinfo.c en GNU C Library (también conocida como glibc o libc6) permite a atacantes remotos provocar una denega... • http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html • CWE-20: Improper Input Validation •