Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2016-11-08 CVE-2016-7861 Incorrect Type Conversion or Cast vulnerability in multiple products
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability.
network
low complexity
adobe redhat CWE-704
8.8
8.8
2016-11-08 CVE-2016-7860 Incorrect Type Conversion or Cast vulnerability in multiple products
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability.
network
low complexity
adobe redhat CWE-704
8.8
8.8
2016-11-08 CVE-2016-7859 Use After Free vulnerability in multiple products
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2016-11-08 CVE-2016-7858 Use After Free vulnerability in multiple products
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2016-11-08 CVE-2016-7857 Use After Free vulnerability in multiple products
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2016-11-04 CVE-2016-8910 Infinite Loop vulnerability in multiple products
The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.
local
low complexity
qemu debian opensuse redhat CWE-835
6.0
6.0
2016-11-04 CVE-2016-8909 Infinite Loop vulnerability in multiple products
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position.
local
low complexity
qemu debian opensuse redhat CWE-835
6.0
6.0
2016-11-04 CVE-2016-8669 Divide By Zero vulnerability in multiple products
The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base.
local
low complexity
qemu opensuse redhat debian CWE-369
6.0
6.0
2016-11-04 CVE-2016-8576 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process.
local
low complexity
qemu opensuse redhat debian CWE-770
6.0
6.0
2016-11-02 CVE-2016-8864 Reachable Assertion vulnerability in multiple products
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.
network
low complexity
isc netapp redhat debian CWE-617
7.5
7.5