Open Bugtraq


2016-12-09
Med.
High
Low
High
High
2016-12-08
Med.
Med.
Med.
2016-12-07
High
High
Med.
Med.
Med.


The latest CVEs

2016-12-08
CVE-2016-8102 Intel Wireless bluetooth drivers
Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and before 18.1.1607.3129 allows local users to launch processes with elevated privileges.

CVE-2016-8655 Linux Linux kernel
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.

CVE-2016-9839 UMN Mapserver
In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails.

CVE-2016-9888 Gnome Libgsf
An error within the "tar_directory_for_file()" function (gsf-infile-tar.c) in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file.

CVE-2016-9917 Bluez project Bluez
In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

CVE-2016-9918 Bluez project Bluez
In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.

CVE-2016-8104 Intel Proset/wireless software and d...
Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service.

CVE-2016-9919 Linux Linux kernel
The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet.

CVE-2016-9920 Roundcube Webmail
steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2.3, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom envelope-from addresses on the sendmail command line, which allows remote authenticated users to execute arbitrary code via a modified HTTP request that sends a...

CVE-2015-8966 Linux Linux kernel
arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call.


Dorks


2016-12-07
Low
Tabriz Hacker
2016-12-06
Med.
Azerbaijan Cyber Army
Med.
Azerbaycanli Hacker
2016-12-03
Med.
TheCenahmet
Med.
TheCenahmet

Copyright 2016, cxsecurity.com