Vulnerabilities > Data Processing Errors
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-06-16 | CVE-2016-3231 | Data Processing Errors vulnerability in Microsoft Windows Diagnostics HUB The Standard Collector service in Windows Diagnostics Hub mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows Diagnostics Hub Elevation of Privilege Vulnerability." | 7.2 |
2016-06-07 | CVE-2013-7440 | Data Processing Errors vulnerability in Python The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate. | 4.3 |
2016-05-09 | CVE-2016-4477 | Data Processing Errors vulnerability in Google Android wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command. | 4.4 |
2016-05-02 | CVE-2015-1573 | Data Processing Errors vulnerability in Linux Kernel The nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability. | 4.9 |
2016-04-27 | CVE-2016-2085 | Data Processing Errors vulnerability in Linux Kernel The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack. | 2.1 |
2016-04-22 | CVE-2016-4062 | Data Processing Errors vulnerability in Foxitsoftware Foxit Reader and Phantompdf Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF. | 4.3 |
2016-04-15 | CVE-2015-5348 | Data Processing Errors vulnerability in Apache Camel Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x before 2.16.1, when using (1) camel-jetty or (2) camel-servlet as a consumer in Camel routes, allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request. | 8.1 |
2016-04-15 | CVE-2016-1274 | Data Processing Errors vulnerability in Juniper Junos 14.1X53 Juniper Junos OS 14.1X53 before 14.1X53-D30 on QFX Series switches allows remote attackers to cause a denial of service (PFE panic) via a high rate of unspecified VXLAN packets. | 7.8 |
2016-04-15 | CVE-2016-1270 | Data Processing Errors vulnerability in Juniper Junos The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update. | 5.0 |
2016-04-13 | CVE-2016-3630 | Data Processing Errors vulnerability in multiple products The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records. | 8.8 |