Vulnerabilities > Data Processing Errors
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-04-13 | CVE-2016-3630 | Data Processing Errors vulnerability in multiple products The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records. | 8.8 |
2016-04-12 | CVE-2016-0150 | Data Processing Errors vulnerability in Microsoft Windows 10 1511 HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service (system hang) via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." | 7.5 |
2016-04-12 | CVE-2016-3171 | Data Processing Errors vulnerability in multiple products Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation. | 8.1 |
2016-04-11 | CVE-2015-8240 | Data Processing Errors vulnerability in F5 products The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable. | 7.5 |
2016-04-07 | CVE-2016-2510 | Data Processing Errors vulnerability in multiple products BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler. | 8.1 |
2016-04-05 | CVE-2016-2000 | Data Processing Errors vulnerability in HP products HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem Chargeback 9.40 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | 9.8 |
2016-03-24 | CVE-2016-1781 | Data Processing Errors vulnerability in Apple Iphone OS WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles attachment URLs, which makes it easier for remote web servers to track users via unspecified vectors. | 4.3 |
2016-03-24 | CVE-2016-1771 | Data Processing Errors vulnerability in Apple Safari The Downloads feature in Apple Safari before 9.1 mishandles file expansion, which allows remote attackers to cause a denial of service via a crafted web site. | 6.5 |
2016-03-24 | CVE-2009-2197 | Data Processing Errors vulnerability in Apple Safari Apple Safari before 9.1 allows remote attackers to spoof the user interface via a web page that places text in a crafted context, leading to unintended use of that text within a Safari dialog. | 4.3 |
2016-03-13 | CVE-2016-2795 | Data Processing Errors vulnerability in multiple products The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font. | 8.8 |