Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
errata security vulnerabilities and exploits
(subscribe to this query)
8.6
CVSSv3
CVE-2016-5095
Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP prior to 5.5.36 and 5.6.x prior to 5.6.22 allows remote malicious users to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FIL...
Php Php 5.6.0
Php Php 5.6.1
Php Php 5.6.16
Php Php 5.6.17
Php Php 5.6.4
Php Php 5.6.5
Php Php 5.6.10
Php Php 5.6.11
Php Php 5.6.18
Php Php 5.6.19
Php Php 5.6.6
Php Php 5.6.7
Php Php 5.6.8
Php Php 5.6.14
Php Php 5.6.15
Php Php 5.6.21
Php Php 5.6.3
Php Php 5.6.12
Php Php 5.6.13
Php Php 5.6.2
Php Php 5.6.20
Php Php 5.6.9
8.6
CVSSv3
CVE-2016-5093
The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP prior to 5.5.36, 5.6.x prior to 5.6.22, and 7.x prior to 7.0.7 does not ensure the presence of a '\0' character, which allows remote malicious users to cause a denial of service (out-of-bound...
Php Php 5.6.2
Php Php 5.6.19
Php Php 7.0.6
Php Php 5.6.18
Php Php 5.6.6
Php Php 5.6.7
Php Php 5.6.0
Php Php 5.6.1
Php Php 7.0.0
Php Php 7.0.1
Php Php 5.6.17
Php Php 5.6.16
Php Php 5.6.15
Php Php 5.6.8
Php Php 5.6.9
Php Php
Php Php 7.0.2
Php Php 7.0.3
Php Php 5.6.14
Php Php 5.6.3
Php Php 5.6.13
Php Php 5.6.12
8.1
CVSSv3
CVE-2016-5385
PHP up to and including 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote malicious users to redirec...
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Enterprise Manager Ops Center 12.3.2
Oracle Communications User Data Repository 10.0.1
Oracle Linux 6
Oracle Linux 7
Oracle Communications User Data Repository 12.0.0
Oracle Communications User Data Repository 10.0.0
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Hp Storeever Msl6480 Tape Library Firmware
Hp System Management Homepage
Php Php
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 8.0
Opensuse Leap 42.1
Drupal Drupal
1 Github repository
1 Article
7.5
CVSSv3
CVE-2016-4953
ntpd in NTP 4.x prior to 4.2.8p8 allows remote malicious users to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.
Ntp Ntp
Ntp Ntp 4.2.8
Oracle Solaris 10
Oracle Solaris 11.3
Suse Manager 2.1
Suse Manager Proxy 2.1
Suse Openstack Cloud 5
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Suse Linux Enterprise Desktop 12
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 12
Siemens Simatic Net Cp 443-1 Opc Ua Firmware
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
5.5
CVSSv3
CVE-2016-5243
The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel up to and including 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
Linux Linux Kernel
7.5
CVSSv3
CVE-2016-5244
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel up to and including 4.6.3 does not initialize a certain structure member, which allows remote malicious users to obtain sensitive information from kernel stack memory by reading an RDS message.
Fedoraproject Fedora 23
Suse Linux Enterprise Real Time Extension 11
Fedoraproject Fedora 24
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Real Time Extension 12
Suse Linux Enterprise Server 11
Redhat Enterprise Linux 6.0
Suse Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Workstation Extension 12
Redhat Enterprise Linux 5
Suse Linux Enterprise Desktop 12
Suse Opensuse Leap 42.1
Suse Suse Linux Enterprise Software Development Kit 12
Fedoraproject Fedora 22
Linux Linux Kernel
Suse Suse Linux Enterprise Server 12
7.8
CVSSv3
CVE-2016-4951
The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel up to and including 4.6 does not verify socket existence, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a dump...
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Oracle Linux 6
7.5
CVSSv3
CVE-2015-8874
Stack consumption vulnerability in GD in PHP prior to 5.6.12 allows remote malicious users to cause a denial of service via a crafted imagefilltoborder call.
Opensuse Leap 42.1
Php Php
7.8
CVSSv3
CVE-2016-3135
Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel up to and including 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call...
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
1 EDB exploit
9 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2