Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-01-18 CVE-2016-6896 Path Traversal vulnerability in WordPress 4.5.3
Directory traversal vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress 4.5.3 allows remote authenticated users to cause a denial of service or read certain text files via a ..
network
low complexity
wordpress CWE-22
7.1
2017-01-18 CVE-2016-10148 Improper Access Control vulnerability in WordPress
The wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 makes a get_plugin_data call before checking the update_plugins capability, which allows remote authenticated users to bypass intended read-access restrictions via the plugin parameter to wp-admin/admin-ajax.php, a related issue to CVE-2016-6896.
network
low complexity
wordpress CWE-284
4.3
2017-01-18 CVE-2016-10147 NULL Pointer Dereference vulnerability in Linux Kernel
crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5).
local
low complexity
linux CWE-476
5.5
2017-01-18 CVE-2016-9844 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Unzip Project Unzip 6.0
Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header.
local
low complexity
unzip-project CWE-119
4.0
2017-01-18 CVE-2016-9584 Use After Free vulnerability in Libical Project Libical
libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file.
network
low complexity
libical-project CWE-416
critical
9.1
2017-01-18 CVE-2016-9297 Out-of-bounds Read vulnerability in Libtiff 4.0.6
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values.
network
low complexity
libtiff CWE-125
7.5
2017-01-18 CVE-2016-9279 Use After Free vulnerability in Samsung Exynos Fimg2D Driver
Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors.
network
low complexity
samsung CWE-416
7.5
2017-01-18 CVE-2016-9278 Improper Input Validation vulnerability in Samsung Exynos Fimg2D Driver
The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command.
local
low complexity
samsung CWE-20
5.5
2017-01-18 CVE-2016-9273 Out-of-bounds Read vulnerability in Libtiff 4.0.6
tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode.
local
low complexity
libtiff CWE-125
5.5
2017-01-18 CVE-2016-9109 Out-of-bounds Read vulnerability in Artifex Mujs
Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to incomplete escape sequences.
network
low complexity
artifex CWE-125
7.5