Total
12616 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-3293 | 1 Microsoft | 2 Edge, Internet Explorer | 2024-08-05 | N/A |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability." | ||||
CVE-2016-3243 | 1 Microsoft | 1 Internet Explorer | 2024-08-05 | N/A |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | ||||
CVE-2016-3264 | 1 Microsoft | 2 Edge, Internet Explorer | 2024-08-05 | N/A |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | ||||
CVE-2016-3204 | 1 Microsoft | 1 Internet Explorer | 2024-08-05 | N/A |
The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | ||||
CVE-2016-3191 | 2 Pcre, Redhat | 4 Pcre, Pcre2, Enterprise Linux and 1 more | 2024-08-05 | N/A |
The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542. | ||||
CVE-2016-3259 | 1 Microsoft | 2 Edge, Internet Explorer | 2024-08-05 | N/A |
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3248. | ||||
CVE-2016-3265 | 1 Microsoft | 1 Edge | 2024-08-05 | N/A |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3269. | ||||
CVE-2016-3207 | 1 Microsoft | 3 Internet Explorer, Jscript, Vbscript | 2024-08-05 | N/A |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3205 and CVE-2016-3206. | ||||
CVE-2016-3240 | 1 Microsoft | 1 Internet Explorer | 2024-08-05 | N/A |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3241 and CVE-2016-3242. | ||||
CVE-2016-3206 | 1 Microsoft | 3 Internet Explorer, Jscript, Vbscript | 2024-08-05 | N/A |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3205 and CVE-2016-3207. | ||||
CVE-2016-3182 | 1 Uclouvain | 1 Openjpeg | 2024-08-05 | 5.5 Medium |
The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG before 2.1.1 allows attackers to cause a denial of service (memory corruption) via a crafted jpeg 2000 file. | ||||
CVE-2016-3202 | 1 Microsoft | 5 Chakra Javascript, Edge, Internet Explorer and 2 more | 2024-08-05 | N/A |
The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | ||||
CVE-2016-3190 | 3 Cairographics, Opensuse, Redhat | 3 Cairo, Opensuse, Enterprise Linux | 2024-08-05 | N/A |
The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a negative span length. | ||||
CVE-2016-3147 | 1 Ivanti | 1 Landesk Management Suite | 2024-08-05 | 9.8 Critical |
Buffer overflow in the collector.exe listener of the Landesk Management Suite 10.0.0.271 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large packet. | ||||
CVE-2016-3142 | 3 Apple, Php, Redhat | 3 Mac Os X, Php, Rhel Software Collections | 2024-08-05 | N/A |
The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06 signature at an invalid location. | ||||
CVE-2016-3134 | 3 Linux, Novell, Redhat | 12 Linux Kernel, Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop and 9 more | 2024-08-05 | N/A |
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call. | ||||
CVE-2016-3141 | 3 Apple, Php, Redhat | 3 Mac Os X, Php, Rhel Software Collections | 2024-08-05 | N/A |
Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element. | ||||
CVE-2016-3075 | 5 Canonical, Fedoraproject, Gnu and 2 more | 5 Ubuntu Linux, Fedora, Glibc and 2 more | 2024-08-05 | N/A |
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name. | ||||
CVE-2016-3076 | 1 Python | 1 Pillow | 2024-08-05 | N/A |
Heap-based buffer overflow in the j2k_encode_entry function in Pillow 2.5.0 through 3.1.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted Jpeg2000 file. | ||||
CVE-2016-3077 | 1 Redhat | 2 Ovirt-engine, Rhev Manager | 2024-08-05 | N/A |
The VersionMapper.fromKernelVersionString method in oVirt Engine allows remote authenticated users to cause a denial of service (process crash) for all VMs. |