Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-28 | CVE-2016-9576 | Use After Free vulnerability in Linux Kernel The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device. | 7.8 |
| 2016-12-28 | CVE-2016-6787 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 31095224. | 7.0 |
| 2016-12-28 | CVE-2016-6786 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 30955111. | 7.0 |
| 2016-12-28 | CVE-2012-6704 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option. | 7.8 |
| 2016-12-27 | CVE-2016-10072 | Permissions, Privileges, and Access Controls vulnerability in Wampserver 3.0.6 WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. | 7.5 |
| 2016-12-27 | CVE-2016-10031 | Permissions, Privileges, and Access Controls vulnerability in Wampserver 3.0.6 WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. | 7.5 |
| 2016-12-26 | CVE-2016-9217 | Improper Authorization vulnerability in Cisco Intercloud Fabric 2.2.1Base/2.3.1Base/3.1.1Base A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers could allow an unauthenticated, remote attacker to connect to the database used by these products. | 8.8 |
| 2016-12-25 | CVE-2016-10041 | Permissions, Privileges, and Access Controls vulnerability in Sprecher-Automation Sprecon-E Service Program 3.42 An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. | 7.5 |
| 2016-12-24 | CVE-2016-10039 | Path Traversal vulnerability in Modx Revolution Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/getfiles. | 7.3 |
| 2016-12-24 | CVE-2016-10038 | Path Traversal vulnerability in Modx Revolution Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/remove. | 7.3 |