Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vm_server
(Oracle)| Repositories | https://github.com/torvalds/linux |
| #Vulnerabilities | 38 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-08-06 | CVE-2016-6197 | fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink. | Linux_kernel, Linux, Vm_server | 5.5 | ||
| 2016-09-28 | CVE-2016-2776 | buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. | Hp\-Ux, Bind, Linux, Solaris, Vm_server | 7.5 | ||
| 2015-12-16 | CVE-2015-8000 | db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute. | Bind, Linux, Solaris, Vm_server | N/A | ||
| 2017-01-27 | CVE-2017-3242 | Vulnerability in the Oracle VM Server for Sparc component of Oracle Sun Systems Products Suite (subcomponent: LDOM Manager). Supported versions that are affected are 3.2 and 3.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM Server for Sparc executes to compromise Oracle VM Server for Sparc. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM Server... | Vm_server | 5.9 | ||
| 2016-06-07 | CVE-2016-4962 | The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore. | Vm_server, Xen | 6.7 | ||
| 2016-05-18 | CVE-2016-4480 | The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory. | Vm_server, Xen | 8.4 | ||
| 2016-09-21 | CVE-2016-3991 | Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles. | Libtiff, Vm_server | 7.8 | ||
| 2016-09-21 | CVE-2016-3990 | Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp. | Libtiff, Vm_server | 7.8 | ||
| 2016-04-19 | CVE-2016-3960 | Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping. | Fedora, Vm_server, Xen | 8.8 | ||
| 2016-09-21 | CVE-2016-3945 | Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write. | Libtiff, Vm_server | 7.8 |