|
211761
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
The cpu_physical_memory_write_rom_internal function in exec.c in QEMU (aka Quick Emulator) does not properly skip MMIO regions, which allows local privileged guest users to cause a denial of service …
|
NVD-CWE-noinfo
|
CVE-2015-8818
|
2024-11-21 11:39 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211762
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write cal…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2015-8817
|
2024-11-21 11:39 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211763
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS…
|
CWE-617
Reachable Assertion
|
CVE-2015-8745
|
2024-11-21 11:39 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211764
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged …
|
CWE-20
Improper Input Validation
|
CVE-2015-8744
|
2024-11-21 11:39 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211765
|
7.1 |
HIGH
Local
|
qemu
debian
|
qemu
debian_linux
|
QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2015-8743
|
2024-11-21 11:39 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211766
|
6.5 |
MEDIUM
Network
|
oracle
pivotal_software
|
solaris
rabbitmq
|
The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2) lengths_inc…
|
CWE-399
Resource Management Errors
|
CVE-2015-8786
|
2024-11-21 11:39 |
2016-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211767
|
7.8 |
HIGH
Local
|
google
linux
|
android
linux_kernel
|
arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileg…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8967
|
2024-11-21 11:39 |
2016-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211768
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8966
|
2024-11-21 11:39 |
2016-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211769
|
7.4 |
HIGH
Network
|
libtiff
|
libtiff
|
Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process …
|
CWE-20
CWE-190
Improper Input Validation
Integer Overflow or Wraparound
|
CVE-2015-8870
|
2024-11-21 11:39 |
2016-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211770
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local u…
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-8970
|
2024-11-21 11:39 |
2016-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
