Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-08-06 | CVE-2016-6506 | Resource Management Errors vulnerability in Wireshark epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | 5.9 |
| 2016-08-06 | CVE-2016-6505 | Divide By Zero vulnerability in Wireshark epan/dissectors/packet-packetbb.c in the PacketBB dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet. | 5.9 |
| 2016-08-06 | CVE-2016-6504 | NULL Pointer Dereference vulnerability in Wireshark epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1.12.x before 1.12.13 does not properly maintain a ptvc data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. | 5.9 |
| 2016-08-06 | CVE-2016-6503 | Improper Input Validation vulnerability in Wireshark The CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit Windows platforms do not properly interact with Visual C++ compiler options, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 5.9 |
| 2016-08-06 | CVE-2016-6516 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (heap-based buffer overflow) or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability. | 4.4 |
| 2016-08-06 | CVE-2016-6480 | Race Condition vulnerability in Linux Kernel Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability. | 4.7 |
| 2016-08-06 | CVE-2016-6198 | Improper Access Control vulnerability in Linux Kernel The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related to fs/namei.c and fs/open.c. | 4.9 |
| 2016-08-06 | CVE-2016-6197 | Improper Input Validation vulnerability in multiple products fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink. | 4.9 |
| 2016-08-06 | CVE-2016-6162 | Improper Input Validation vulnerability in Linux Kernel 4.7 net/core/skbuff.c in the Linux kernel 4.7-rc6 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via certain IPv6 socket operations. | 4.6 |
| 2016-08-06 | CVE-2016-5696 | Information Exposure vulnerability in multiple products net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack. | 5.8 |