Vulnerabilities > Data Processing Errors

DATE CVE VULNERABILITY TITLE RISK
2016-04-13 CVE-2016-3630 Data Processing Errors vulnerability in multiple products
The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.
8.8
2016-04-12 CVE-2016-0150 Data Processing Errors vulnerability in Microsoft Windows 10 1511
HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service (system hang) via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability."
network
low complexity
microsoft CWE-19
7.5
2016-04-12 CVE-2016-3171 Data Processing Errors vulnerability in multiple products
Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation.
network
high complexity
drupal debian CWE-19
8.1
2016-04-11 CVE-2015-8240 Data Processing Errors vulnerability in F5 products
The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable.
network
low complexity
f5 CWE-19
7.5
2016-04-07 CVE-2016-2510 Data Processing Errors vulnerability in multiple products
BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler.
network
high complexity
beanshell debian canonical CWE-19
8.1
2016-04-05 CVE-2016-2000 Data Processing Errors vulnerability in HP products
HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem Chargeback 9.40 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
network
low complexity
hp CWE-19
critical
9.8
2016-03-24 CVE-2016-1781 Data Processing Errors vulnerability in Apple Iphone OS
WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles attachment URLs, which makes it easier for remote web servers to track users via unspecified vectors.
network
low complexity
apple CWE-19
4.3
2016-03-24 CVE-2016-1771 Data Processing Errors vulnerability in Apple Safari
The Downloads feature in Apple Safari before 9.1 mishandles file expansion, which allows remote attackers to cause a denial of service via a crafted web site.
network
low complexity
apple CWE-19
6.5
2016-03-24 CVE-2009-2197 Data Processing Errors vulnerability in Apple Safari
Apple Safari before 9.1 allows remote attackers to spoof the user interface via a web page that places text in a crafted context, leading to unintended use of that text within a Safari dialog.
network
low complexity
apple CWE-19
4.3
2016-03-13 CVE-2016-2795 Data Processing Errors vulnerability in multiple products
The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.
network
low complexity
suse opensuse oracle mozilla sil CWE-19
8.8