2017-08-08 | CVE-2017-10096 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). | 9.6 |
2017-08-08 | CVE-2017-10101 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). | 9.6 |
2017-08-08 | CVE-2017-10102 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). | 9.0 |
2017-08-08 | CVE-2017-10107 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). | 9.6 |
2017-08-08 | CVE-2017-10111 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). | 9.6 |
2017-06-20 | CVE-2017-3167 | Improper Authentication vulnerability in multiple products In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. | 9.8 |
2017-05-23 | CVE-2016-9841 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | 9.8 |
2017-05-23 | CVE-2016-9843 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | 9.8 |
2017-04-11 | CVE-2016-1908 | Improper Authentication vulnerability in multiple products The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server. | 9.8 |
2016-01-08 | CVE-2015-7512 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet. | 9.0 |