Vulnerabilities > Oracle > VM Server

DATE CVE VULNERABILITY TITLE RISK
2020-01-15 CVE-2020-2571 Unspecified vulnerability in Oracle VM Server 3.6
Vulnerability in the Oracle VM Server for SPARC product of Oracle Systems (component: Templates).
local
low complexity
oracle
3.3
2017-01-27 CVE-2017-3242 Improper Input Validation vulnerability in Oracle VM Server 3.2/3.4
Vulnerability in the Oracle VM Server for Sparc component of Oracle Sun Systems Products Suite (subcomponent: LDOM Manager).
local
low complexity
oracle CWE-20
5.9
2016-10-16 CVE-2016-7039 Resource Management Errors vulnerability in multiple products
The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666.
network
low complexity
oracle linux CWE-399
7.5
2016-09-28 CVE-2016-2776 Improper Input Validation vulnerability in multiple products
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
network
low complexity
oracle isc hp CWE-20
7.5
2016-09-21 CVE-2016-3991 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles.
local
low complexity
oracle libtiff CWE-787
7.8
2016-09-21 CVE-2016-3990 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp.
local
low complexity
libtiff oracle CWE-787
7.8
2016-09-21 CVE-2016-3945 Integer Overflow or Wraparound vulnerability in multiple products
Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write.
local
low complexity
libtiff oracle CWE-190
7.8
2016-09-21 CVE-2016-3632 Out-of-bounds Write vulnerability in multiple products
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.
local
low complexity
libtiff oracle CWE-787
7.8
2016-08-06 CVE-2016-6198 Improper Access Control vulnerability in multiple products
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related to fs/namei.c and fs/open.c.
local
low complexity
linux oracle CWE-284
5.5
2016-08-06 CVE-2016-6197 Improper Input Validation vulnerability in multiple products
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.
local
low complexity
oracle linux CWE-20
5.5