CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 0CVE-2016-7167 – curl: escape and unescape integer overflows
https://notcve.org/view.php?id=CVE-2016-7167
16 Sep 2016 — Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow. Múltiples desbordamientos de entero en las funciones (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape y (4) curl_easy_unescape en libcurl en versiones anteriores a 7.50.3 permiten a atacantes tener impacto no especificado a tra... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 6%CPEs: 5EXPL: 0CVE-2016-5157 – chromium-browser: heap overflow in pdfium
https://notcve.org/view.php?id=CVE-2016-5157
11 Sep 2016 — Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data. Desbordamiento de búfer basado en memoria dinámica en la función opj_dwt_interleave_v en dwt.c en OpenJPEG, tal como se utiliza en PDFium en Google Chrome en versiones anteriores a 53.0.2785.89 en Windows y SO X y en v... • http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2016-5404 – ipa: Insufficient privileges check in certificate revocation
https://notcve.org/view.php?id=CVE-2016-5404
01 Sep 2016 — The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission. El comando cert_revoke en FreeIPA no realiza comprobaciones para el permiso "certificado de revocación", lo que permite a usuarios remotos autenticados revocar certificados arbitrarios aprovechando el permiso "certificado de recuperación". An insufficient permission check issue was found in the... • http://rhn.redhat.com/errata/RHSA-2016-1797.html • CWE-284: Improper Access Control CWE-285: Improper Authorization •
CVSS: 7.5EPSS: 2%CPEs: 29EXPL: 3CVE-2016-6855 – Eye of Gnome 3.10.2 - GMarkup Out of Bounds Write
https://notcve.org/view.php?id=CVE-2016-6855
23 Aug 2016 — Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup. Eye of GNOME (también conocido como eog) 3.16.5, 3.17.x, 3.18.x en versiones anteriores a 3.18.3, 3.19.x y 3.20.x en versiones anteriores a 3.20.4, cuando es utilizado con glib en versiones anteriores a 2.44.1, permiten a atacantes remotos pr... • https://packetstorm.news/files/id/138486 • CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 4%CPEs: 8EXPL: 0CVE-2016-1000110 – CGIHandler: sets environmental variable based on user supplied Proxy request header
https://notcve.org/view.php?id=CVE-2016-1000110
21 Aug 2016 — The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests. La clase CGIHandler en Python versiones anteriores a la versión 2.7.12, no protege contra el conflicto de nombre de la variable HTTP_PROXY en un script CGI, lo que podría permitir a un atacante remoto redireccionar las peticiones HTTP. It was discovered that the Python CGIHandler class did not properly protect against the HTT... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html • CWE-20: Improper Input Validation CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2016-5384 – fontconfig: Possible double free due to insufficiently validated cache files
https://notcve.org/view.php?id=CVE-2016-5384
08 Aug 2016 — fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file. fontconfig en versiones anteriores a 2.12.1 no valida offsets, lo que permite a usuarios locales desencadenar llamadas gratis arbitrarias y consecuentemente llevar a cabo ataques gratuitos dobles y ejecutar código arbitrario a través de un archivo de caché manipulado. It was found that cache files were i... • http://rhn.redhat.com/errata/RHSA-2016-2601.html • CWE-20: Improper Input Validation CWE-415: Double Free •
CVSS: 8.1EPSS: 2%CPEs: 9EXPL: 0CVE-2016-5421 – curl: Use of connection struct after free
https://notcve.org/view.php?id=CVE-2016-5421
03 Aug 2016 — Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación de memoria en libcurl en versiones anteriores a 7.50.1 permite a atacantes controlar qué conexión es usada o posiblemente tener otros impactos no especificados a través de vectores desconocidos. A use-after-free flaw was found in libcurl. When invoking curl_easy_perform() after cleaning up a multi... • http://lists.opensuse.org/opensuse-updates/2016-09/msg00011.html • CWE-416: Use After Free •
CVSS: 9.1EPSS: 10%CPEs: 5EXPL: 0CVE-2016-6254 – Debian Security Advisory 3636-1
https://notcve.org/view.php?id=CVE-2016-6254
31 Jul 2016 — Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet. Desbordamiento de búfer basado en memoria dinámica en la función parse_packet en network.c en collectd en versiones anteriores a 5.4.3 y 5.x en versiones anteriores a 5.5.2 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) o posib... • http://collectd.org/news.shtml • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 253EXPL: 0CVE-2016-1238 – Gentoo Linux Security Advisory 201812-07
https://notcve.org/view.php?id=CVE-2016-1238
25 Jul 2016 — (1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Modul... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 1CVE-2016-6185 – Ubuntu Security Notice USN-3625-1.tt
https://notcve.org/view.php?id=CVE-2016-6185
25 Jul 2016 — The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory. El método XSLoader::load en XSLoader en Perl no localiza adecuadamente archivos .so cuando se le llama en una cadena eval, lo que podría permitir a usuarios locales ejecutar código arbitrario a través de una librería Troyano bajo el directorio de trabajo actual. It was discovered ... • http://perl5.git.perl.org/perl.git/commitdiff/08e3451d7 •