Total
165 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10142 | 1 Ietf | 1 Ipv6 | 2024-02-04 | 5.0 MEDIUM | 8.6 HIGH |
| An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big (PTB) messages. (The scope of this CVE is all affected IPv6 implementations from all vendors.) The security implications of IP fragmentation have been discussed at length in [RFC6274] and [RFC7739]. An attacker can leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow (in scenarios in which actual fragmentation of packets is not needed) and can subsequently perform any type of fragmentation-based attack against legacy IPv6 nodes that do not implement [RFC6946]. That is, employing fragmentation where not actually needed allows for fragmentation-based attack vectors to be employed, unnecessarily. We note that, unfortunately, even nodes that already implement [RFC6946] can be subject to DoS attacks as a result of the generation of IPv6 atomic fragments. Let us assume that Host A is communicating with Host B and that, as a result of the widespread dropping of IPv6 packets that contain extension headers (including fragmentation) [RFC7872], some intermediate node filters fragments between Host B and Host A. If an attacker sends a forged ICMPv6 PTB error message to Host B, reporting an MTU smaller than 1280, this will trigger the generation of IPv6 atomic fragments from that moment on (as required by [RFC2460]). When Host B starts sending IPv6 atomic fragments (in response to the received ICMPv6 PTB error message), these packets will be dropped, since we previously noted that IPv6 packets with extension headers were being dropped between Host B and Host A. Thus, this situation will result in a DoS scenario. Another possible scenario is that in which two BGP peers are employing IPv6 transport and they implement Access Control Lists (ACLs) to drop IPv6 fragments (to avoid control-plane attacks). If the aforementioned BGP peers drop IPv6 fragments but still honor received ICMPv6 PTB error messages, an attacker could easily attack the corresponding peering session by simply sending an ICMPv6 PTB message with a reported MTU smaller than 1280 bytes. Once the attack packet has been sent, the aforementioned routers will themselves be the ones dropping their own traffic. | |||||
| CVE-2016-10075 | 1 Tqdm Project | 1 Tqdm | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local users to execute arbitrary code via a crafted repo with a malicious git log in the current working directory. | |||||
| CVE-2015-3183 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c. | |||||
| CVE-2015-7045 | 1 Apple | 2 Mac Os X, Tvos | 2024-02-04 | 5.0 MEDIUM | N/A |
| Keychain Access in Apple OS X before 10.11.2 and tvOS before 9.1 improperly interacts with Keychain Agent, which allows attackers to spoof the Keychain Server via unspecified vectors. | |||||
| CVE-2015-7023 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-02-04 | 5.8 MEDIUM | N/A |
| CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors. | |||||
| CVE-2015-2270 | 1 Moodle | 1 Moodle | 2024-02-04 | 4.3 MEDIUM | N/A |
| lib/moodlelib.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4, when the theme uses the blocks-regions feature, establishes the course state at an incorrect point in the login-validation process, which allows remote attackers to obtain sensitive course information via unspecified vectors. | |||||
| CVE-2016-1943 | 3 Google, Mozilla, Opensuse | 4 Android, Firefox, Leap and 1 more | 2024-02-04 | 4.3 MEDIUM | 4.7 MEDIUM |
| Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method. | |||||
| CVE-2015-6758 | 1 Google | 1 Chrome | 2024-02-04 | 6.8 MEDIUM | N/A |
| The CPDF_Document::GetPage function in fpdfapi/fpdf_parser/fpdf_parser_document.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, does not properly perform a cast of a dictionary object, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. | |||||
| CVE-2015-2526 | 1 Microsoft | 1 .net Framework | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to cause a denial of service to an ASP.NET web site via crafted requests, aka "MVC Denial of Service Vulnerability." | |||||
| CVE-2014-9731 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
| The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c. | |||||
| CVE-2015-4943 | 1 Ibm | 1 Websphere Mq Light | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to cause a denial of service (MQXR service crash) via a series of connect and disconnect actions, a different vulnerability than CVE-2015-4942. | |||||
| CVE-2015-2922 | 5 Debian, Fedoraproject, Linux and 2 more | 6 Debian Linux, Fedora, Linux Kernel and 3 more | 2024-02-04 | 3.3 LOW | N/A |
| The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. | |||||
| CVE-2014-8155 | 1 Gnu | 1 Gnutls | 2024-02-04 | 4.3 MEDIUM | N/A |
| GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is (1) not yet valid or (2) no longer valid. | |||||
| CVE-2015-0847 | 2 Canonical, Wouter Verhelst | 2 Ubuntu Linux, Nbd | 2024-02-04 | 7.8 HIGH | N/A |
| nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors. | |||||
| CVE-2015-1259 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-02-04 | 7.5 HIGH | N/A |
| PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2015-8547 | 2 Opensuse, Quassel-irc | 3 Leap, Opensuse, Quassel | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query. | |||||
| CVE-2015-6760 | 1 Google | 1 Chrome | 2024-02-04 | 7.5 HIGH | N/A |
| The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service (invalid read or write) or possibly have unspecified other impact via vectors involving a removed device. | |||||
| CVE-2015-4963 | 1 Ibm | 1 Security Access Manager For Web | 2024-02-04 | 7.5 HIGH | N/A |
| IBM Security Access Manager for Web 7.x before 7.0.0.16 and 8.x before 8.0.1.3 mishandles WebSEAL HTTPTransformation requests, which allows remote attackers to read or write to arbitrary files via unspecified vectors. | |||||
| CVE-2015-7311 | 1 Xen | 1 Xen | 2024-02-04 | 3.6 LOW | N/A |
| libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image. | |||||
| CVE-2016-1940 | 2 Google, Mozilla | 2 Android, Firefox | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandled during (1) shortcut opening or (2) BOOKMARK intent processing. | |||||