CVSS: 9.3EPSS: 3%CPEs: 29EXPL: 0CVE-2016-4150 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4150
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 3%CPEs: 29EXPL: 0CVE-2016-4151 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4151
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 3%CPEs: 29EXPL: 0CVE-2016-4154 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4154
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 3%CPEs: 29EXPL: 0CVE-2016-4152 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4152
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 2%CPEs: 29EXPL: 0CVE-2016-4153 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4153
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 2%CPEs: 42EXPL: 0CVE-2016-4448 – libxml2: Format string vulnerability
https://notcve.org/view.php?id=CVE-2016-4448
27 May 2016 — Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. Vulnerabilidad de formato de cadena en libxml2 en versiones anteriores a 2.9.4 permite a atacantes tener un impacto no especificado a través de especificadores de formato de cadena en vectores desconocidos. It was discovered that libxml2 incorrectly handled format strings. If a user or automated system were tricked into opening a specially crafted document, an atta... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.5EPSS: 2%CPEs: 18EXPL: 1CVE-2016-4447 – libxml2: Heap-based buffer underreads due to xmlParseName
https://notcve.org/view.php?id=CVE-2016-4447
27 May 2016 — The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName. La función xmlParseElementDecl en parser.c en libxml2 en versiones anteriores a 2.9.4 permite a atacantes dependientes del contexto provocar una denegación de servicio (underread basado en memoria dinámica y caída de aplicación) a través de un archivo manipulado, con la participació... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 1%CPEs: 26EXPL: 1CVE-2016-0718 – expat: Out-of-bounds heap read on crafted input causing crash
https://notcve.org/view.php?id=CVE-2016-0718
18 May 2016 — Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow. Expat permite a atacantes dependientes del contexto provocar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de un documento de entrada mal formado, lo que desencadena un desbordamiento de buffer. An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker c... • https://packetstorm.news/files/id/141350 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 2%CPEs: 30EXPL: 1CVE-2016-1840 – libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup
https://notcve.org/view.php?id=CVE-2016-1840
17 May 2016 — Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. Desbordamiento del buffer basado en memoria dinámica en la función xmlFAParsePosCharGroup en libxml2 en versiones anteriores a 2.9.4, como se utiliza en Apple iOS en versiones anteriores a 9.3.... • http://lists.apple.com/archives/security-announce/2016/May/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 1%CPEs: 30EXPL: 2CVE-2016-1833 – libxml2: Heap-based buffer overread in htmlCurrentChar
https://notcve.org/view.php?id=CVE-2016-1833
17 May 2016 — The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. La función htmlCurrentChar en libxml2 en versiones anteriores a 2.9.4, como se utiliza en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores a 10.11.5, tvOS en versiones anteriores a 9.2.1 y watchOS en versiones anteriores a ... • http://lists.apple.com/archives/security-announce/2016/May/msg00001.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •