Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-07 | CVE-2016-6522 | Integer Overflow or Wraparound vulnerability in Openbsd 5.9 Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping. | 5.5 |
| 2017-03-07 | CVE-2016-6350 | NULL Pointer Dereference vulnerability in Openbsd 5.8/5.9 OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9. | 5.5 |
| 2017-03-07 | CVE-2016-6247 | Improper Input Validation vulnerability in Openbsd 5.8/5.9 OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist. | 5.5 |
| 2017-03-07 | CVE-2016-6246 | Improper Input Validation vulnerability in Openbsd 5.8/5.9 OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node. | 4.4 |
| 2017-03-07 | CVE-2016-6245 | Unspecified vulnerability in Openbsd 5.8/5.9 OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a large size in a getdents system call. | 5.5 |
| 2017-03-07 | CVE-2016-6243 | Improper Input Validation vulnerability in Openbsd 5.8/5.9 thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call. | 5.5 |
| 2017-03-07 | CVE-2016-6242 | Numeric Errors vulnerability in Openbsd 5.8/5.9 OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call. | 5.5 |
| 2017-03-07 | CVE-2016-6239 | Improper Input Validation vulnerability in Openbsd 5.8/5.9 The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attackers to cause a denial of service (kernel panic and crash) via a large size value. | 5.5 |
| 2017-03-07 | CVE-2016-4948 | Cross-site Scripting vulnerability in Cloudera Manager Multiple cross-site scripting (XSS) vulnerabilities in Cloudera Manager 5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Template Name field when renaming a template; (2) KDC Server host, (3) Kerberos Security Realm, (4) Kerberos Encryption Types, (5) Advanced Configuration Snippet (Safety Valve) for [libdefaults] section of krb5.conf, (6) Advanced Configuration Snippet (Safety Valve) for the Default Realm in krb5.conf, (7) Advanced Configuration Snippet (Safety Valve) for remaining krb5.conf, or (8) Active Directory Account Prefix fields in the Kerberos wizard; or (9) classicWizard parameter to cmf/cloudera-director/redirect. | 6.1 |
| 2017-03-07 | CVE-2016-4947 | Information Exposure vulnerability in Cloudera HUE 3.9.0 Cloudera HUE 3.9.0 and earlier allows remote attackers to enumerate user accounts via a request to desktop/api/users/autocomplete. | 5.3 |