Oracle Vm_server
36 CVEs affecting Oracle Vm_server. Latest disclosed: 2017-01-27. Critical: 2, High: 13.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2016-4448 | Critical | 9.8 | 2016-06-09 | Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. |
| CVE-2015-8668 | Critical | 9.8 | 2016-01-08 | Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbi… |
| CVE-2016-3710 | High | 8.8 | 2016-05-11 | The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary co… |
| CVE-2016-3960 | High | 8.8 | 2016-04-19 | Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by s… |
| CVE-2016-1950 | High | 8.8 | 2016-03-13 | Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45… |
| CVE-2016-4480 | High | 8.4 | 2016-05-18 | The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4… |
| CVE-2016-3991 | High | 7.8 | 2016-09-21 | Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (ou… |
| CVE-2016-3990 | High | 7.8 | 2016-09-21 | Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of se… |
| CVE-2016-3945 | High | 7.8 | 2016-09-21 | Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, a… |
| CVE-2016-3632 | High | 7.8 | 2016-09-21 | The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute… |
| CVE-2016-7039 | High | 7.5 | 2016-10-16 | The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified… |
| CVE-2016-2776 | High | 7.5 | 2016-09-28 | buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remot… |
| CVE-2016-4447 | High | 7.5 | 2016-06-09 | The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underre… |
| CVE-2016-3627 | High | 7.5 | 2016-05-17 | The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of s… |
| CVE-2016-2117 | High | 7.5 | 2016-05-02 | The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remo… |
| CVE-2016-2270 | Medium | 6.8 | 2016-02-19 | Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with… |
| CVE-2016-4962 | Medium | 6.7 | 2016-06-07 | The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facili… |
| CVE-2016-3115 | Medium | 6.4 | 2016-03-22 | Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrict… |
| CVE-2017-3242 | Medium | 5.9 | 2017-01-27 | Vulnerability in the Oracle VM Server for Sparc component of Oracle Sun Systems Products Suite (subcomponent: LDOM Manager). Supported versions that are affect… |
| CVE-2016-6198 | Medium | 5.5 | 2016-08-06 | The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows… |