CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2016-6240
https://notcve.org/view.php?id=CVE-2016-6240
Integer truncation error in the amap_alloc function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. Error de truncamiento de entero en la función amap_alloc en OpenBSD 5.8 y 5.9 permite a usuarios locales ejecutar código arbitrario con privilegios del kernel a través de un valor de gran tamaño. • http://www.openbsd.org/errata58.html http://www.openbsd.org/errata59.html http://www.openwall.com/lists/oss-security/2016/07/14/5 http://www.openwall.com/lists/oss-security/2016/07/17/7 http://www.securityfocus.com/bid/91805 http://www.securitytracker.com/id/1036318 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2016-6243
https://notcve.org/view.php?id=CVE-2016-6243
thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call. thrsleep en kern/kern_synch.c en OpenBSD 5.8 y 5.9 permite a usuarios locales provocar una denegación de servicio (pánico en el kernel) a través un valor manipulado en el parámetro tsp de la llamada al sistema the __thrsleep. • http://www.openbsd.org/errata58.html http://www.openbsd.org/errata59.html http://www.openwall.com/lists/oss-security/2016/07/14/5 http://www.openwall.com/lists/oss-security/2016/07/17/7 http://www.securityfocus.com/bid/91805 • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 1CVE-2016-6246
https://notcve.org/view.php?id=CVE-2016-6246
OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node. OpenBSD 5.8 y 5.9 permite a ciertos usuarios locales con privilegios kern.usermount provocar una denegación de servicio (pánico en el kernel) montando un tmpfs con un VNOVAL en el (1) nombre de usuario, (2) nombre de grupo o (3) nombre de dispositivo del nodo root. • http://www.openbsd.org/errata58.html http://www.openbsd.org/errata59.html http://www.openwall.com/lists/oss-security/2016/07/14/5 http://www.openwall.com/lists/oss-security/2016/07/17/7 http://www.securityfocus.com/bid/91805 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 1%CPEs: 111EXPL: 1CVE-2004-1471 – CVS 1.11.x - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1471
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. • https://www.exploit-db.com/exploits/24182 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html http://security.e-matters.de/advisories/092004.html http://www.securityfocus.com/bid/10499 https://exchange.xforce.ibmcloud.com/vulnerabilities/16365 •
CVSS: 7.5EPSS: 0%CPEs: 47EXPL: 0CVE-2004-1082
https://notcve.org/view.php?id=CVE-2004-1082
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/9571 http://www.securitytracker.com/alerts/2004/Dec/1012414.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18347 •