Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-2118

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-12 Apr, 2016 | 23:00
Updated At-05 Aug, 2024 | 23:17
Rejected At-
Credits

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:12 Apr, 2016 | 23:00
Updated At:05 Aug, 2024 | 23:17
Rejected At:
▼CVE Numbering Authority (CNA)

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012
vendor-advisory
x_refsource_SLACKWARE
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html
vendor-advisory
x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2016-0612.html
vendor-advisory
x_refsource_REDHAT
http://www.ubuntu.com/usn/USN-2950-1
vendor-advisory
x_refsource_UBUNTU
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html
vendor-advisory
x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2016-0613.html
vendor-advisory
x_refsource_REDHAT
http://badlock.org/
x_refsource_MISC
http://rhn.redhat.com/errata/RHSA-2016-0621.html
vendor-advisory
x_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
vendor-advisory
x_refsource_SUSE
http://www.ubuntu.com/usn/USN-2950-5
vendor-advisory
x_refsource_UBUNTU
https://www.samba.org/samba/history/samba-4.2.10.html
x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html
vendor-advisory
x_refsource_FEDORA
http://rhn.redhat.com/errata/RHSA-2016-0624.html
vendor-advisory
x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-0618.html
vendor-advisory
x_refsource_REDHAT
http://www.securityfocus.com/bid/86002
vdb-entry
x_refsource_BID
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html
vendor-advisory
x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html
vendor-advisory
x_refsource_SUSE
https://www.samba.org/samba/security/CVE-2016-2118.html
x_refsource_CONFIRM
https://www.samba.org/samba/latest_news.html#4.4.2
x_refsource_CONFIRM
http://www.securitytracker.com/id/1035533
vdb-entry
x_refsource_SECTRACK
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html
vendor-advisory
x_refsource_FEDORA
https://www.kb.cert.org/vuls/id/813296
third-party-advisory
x_refsource_CERT-VN
http://rhn.redhat.com/errata/RHSA-2016-0614.html
vendor-advisory
x_refsource_REDHAT
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html
vendor-advisory
x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2016-0620.html
vendor-advisory
x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-0611.html
vendor-advisory
x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
vendor-advisory
x_refsource_SUSE
https://bto.bluecoat.com/security-advisory/sa122
x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2950-3
vendor-advisory
x_refsource_UBUNTU
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html
vendor-advisory
x_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
vendor-advisory
x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2016-0619.html
vendor-advisory
x_refsource_REDHAT
https://security.gentoo.org/glsa/201612-47
vendor-advisory
x_refsource_GENTOO
http://www.debian.org/security/2016/dsa-3548
vendor-advisory
x_refsource_DEBIAN
http://rhn.redhat.com/errata/RHSA-2016-0623.html
vendor-advisory
x_refsource_REDHAT
http://www.ubuntu.com/usn/USN-2950-2
vendor-advisory
x_refsource_UBUNTU
https://access.redhat.com/security/vulnerabilities/badlock
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2016-0625.html
vendor-advisory
x_refsource_REDHAT
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399
x_refsource_CONFIRM
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196
x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2950-4
vendor-advisory
x_refsource_UBUNTU
https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products
x_refsource_CONFIRM
Hyperlink: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012
Resource:
vendor-advisory
x_refsource_SLACKWARE
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0612.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.ubuntu.com/usn/USN-2950-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0613.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://badlock.org/
Resource:
x_refsource_MISC
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0621.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.ubuntu.com/usn/USN-2950-5
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://www.samba.org/samba/history/samba-4.2.10.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0624.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0618.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.securityfocus.com/bid/86002
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: https://www.samba.org/samba/security/CVE-2016-2118.html
Resource:
x_refsource_CONFIRM
Hyperlink: https://www.samba.org/samba/latest_news.html#4.4.2
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securitytracker.com/id/1035533
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: https://www.kb.cert.org/vuls/id/813296
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0614.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0620.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0611.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: https://bto.bluecoat.com/security-advisory/sa122
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.ubuntu.com/usn/USN-2950-3
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0619.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://security.gentoo.org/glsa/201612-47
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.debian.org/security/2016/dsa-3548
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0623.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.ubuntu.com/usn/USN-2950-2
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://access.redhat.com/security/vulnerabilities/badlock
Resource:
x_refsource_CONFIRM
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0625.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399
Resource:
x_refsource_CONFIRM
Hyperlink: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.ubuntu.com/usn/USN-2950-4
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012
vendor-advisory
x_refsource_SLACKWARE
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-0612.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.ubuntu.com/usn/USN-2950-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-0613.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://badlock.org/
x_refsource_MISC
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-0621.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.ubuntu.com/usn/USN-2950-5
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://www.samba.org/samba/history/samba-4.2.10.html
x_refsource_CONFIRM
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-0624.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-0618.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.securityfocus.com/bid/86002
vdb-entry
x_refsource_BID
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html
vendor-advisory
x_refsource_SUSE
x_transferred
https://www.samba.org/samba/security/CVE-2016-2118.html
x_refsource_CONFIRM
x_transferred
https://www.samba.org/samba/latest_news.html#4.4.2
x_refsource_CONFIRM
x_transferred
http://www.securitytracker.com/id/1035533
vdb-entry
x_refsource_SECTRACK
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html
vendor-advisory
x_refsource_FEDORA
x_transferred
https://www.kb.cert.org/vuls/id/813296
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-0614.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-0620.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-0611.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
vendor-advisory
x_refsource_SUSE
x_transferred
https://bto.bluecoat.com/security-advisory/sa122
x_refsource_CONFIRM
x_transferred
http://www.ubuntu.com/usn/USN-2950-3
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-0619.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://security.gentoo.org/glsa/201612-47
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.debian.org/security/2016/dsa-3548
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-0623.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.ubuntu.com/usn/USN-2950-2
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://access.redhat.com/security/vulnerabilities/badlock
x_refsource_CONFIRM
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-0625.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399
x_refsource_CONFIRM
x_transferred
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196
x_refsource_CONFIRM
x_transferred
http://www.ubuntu.com/usn/USN-2950-4
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012
Resource:
vendor-advisory
x_refsource_SLACKWARE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0612.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2950-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0613.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://badlock.org/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0621.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2950-5
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://www.samba.org/samba/history/samba-4.2.10.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0624.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0618.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.securityfocus.com/bid/86002
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: https://www.samba.org/samba/security/CVE-2016-2118.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.samba.org/samba/latest_news.html#4.4.2
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securitytracker.com/id/1035533
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: https://www.kb.cert.org/vuls/id/813296
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0614.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0620.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0611.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: https://bto.bluecoat.com/security-advisory/sa122
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2950-3
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0619.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://security.gentoo.org/glsa/201612-47
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.debian.org/security/2016/dsa-3548
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0623.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2950-2
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://access.redhat.com/security/vulnerabilities/badlock
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0625.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2950-4
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:12 Apr, 2016 | 23:59
Updated At:12 Apr, 2025 | 10:46

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
Samba
samba
>>samba>>Versions from 3.6.0(inclusive) to 4.2.10(exclusive)
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Samba
samba
>>samba>>Versions from 4.3.0(inclusive) to 4.3.7(exclusive)
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Samba
samba
>>samba>>Versions from 4.4.0(inclusive) to 4.4.1(exclusive)
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>12.04
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>14.04
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>14.04
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>15.10
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>16.04
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>16.04
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>7.0
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-254Primarynvd@nist.gov
CWE ID: CWE-254
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://badlock.org/secalert@redhat.com
Technical Description
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0611.htmlsecalert@redhat.com
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0612.htmlsecalert@redhat.com
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0613.htmlsecalert@redhat.com
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0614.htmlsecalert@redhat.com
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0618.htmlsecalert@redhat.com
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0619.htmlsecalert@redhat.com
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0620.htmlsecalert@redhat.com
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0621.htmlsecalert@redhat.com
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0623.htmlsecalert@redhat.com
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0624.htmlsecalert@redhat.com
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0625.htmlsecalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2016/dsa-3548secalert@redhat.com
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlsecalert@redhat.com
Third Party Advisory
http://www.securityfocus.com/bid/86002secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1035533secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012secalert@redhat.com
Mailing List
Third Party Advisory
http://www.ubuntu.com/usn/USN-2950-1secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/USN-2950-2secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/USN-2950-3secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/USN-2950-4secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/USN-2950-5secalert@redhat.com
Third Party Advisory
https://access.redhat.com/security/vulnerabilities/badlocksecalert@redhat.com
Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa122secalert@redhat.com
Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399secalert@redhat.com
Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182secalert@redhat.com
Third Party Advisory
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixessecalert@redhat.com
Third Party Advisory
https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-productssecalert@redhat.com
Third Party Advisory
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196secalert@redhat.com
Third Party Advisory
https://security.gentoo.org/glsa/201612-47secalert@redhat.com
Third Party Advisory
https://www.kb.cert.org/vuls/id/813296secalert@redhat.com
Third Party Advisory
US Government Resource
https://www.samba.org/samba/history/samba-4.2.10.htmlsecalert@redhat.com
Third Party Advisory
https://www.samba.org/samba/latest_news.html#4.4.2secalert@redhat.com
Vendor Advisory
https://www.samba.org/samba/security/CVE-2016-2118.htmlsecalert@redhat.com
Vendor Advisory
http://badlock.org/af854a3a-2127-422b-91ae-364da2661108
Technical Description
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0611.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0612.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0613.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0614.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0618.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0619.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0620.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0621.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0623.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0624.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0625.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2016/dsa-3548af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/86002af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1035533af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://www.ubuntu.com/usn/USN-2950-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/USN-2950-2af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/USN-2950-3af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/USN-2950-4af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/USN-2950-5af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/security/vulnerabilities/badlockaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa122af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixesaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-productsaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://security.gentoo.org/glsa/201612-47af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.kb.cert.org/vuls/id/813296af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
https://www.samba.org/samba/history/samba-4.2.10.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.samba.org/samba/latest_news.html#4.4.2af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://www.samba.org/samba/security/CVE-2016-2118.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: http://badlock.org/
Source: secalert@redhat.com
Resource:
Technical Description
Third Party Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0611.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0612.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0613.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0614.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0618.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0619.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0620.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0621.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0623.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0624.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0625.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2016/dsa-3548
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/86002
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1035533
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/USN-2950-1
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/USN-2950-2
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/USN-2950-3
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/USN-2950-4
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/USN-2950-5
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/security/vulnerabilities/badlock
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: https://bto.bluecoat.com/security-advisory/sa122
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201612-47
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: https://www.kb.cert.org/vuls/id/813296
Source: secalert@redhat.com
Resource:
Third Party Advisory
US Government Resource
Hyperlink: https://www.samba.org/samba/history/samba-4.2.10.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: https://www.samba.org/samba/latest_news.html#4.4.2
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: https://www.samba.org/samba/security/CVE-2016-2118.html
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://badlock.org/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Technical Description
Third Party Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182185.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182272.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182288.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00020.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00021.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00022.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00023.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00024.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0611.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0612.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0613.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0614.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0618.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0619.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0620.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0621.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0623.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0624.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-0625.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2016/dsa-3548
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/86002
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1035533
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.458012
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/USN-2950-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/USN-2950-2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/USN-2950-3
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/USN-2950-4
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/USN-2950-5
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/security/vulnerabilities/badlock
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://bto.bluecoat.com/security-advisory/sa122
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05162399
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05166182
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40196
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201612-47
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.kb.cert.org/vuls/id/813296
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: https://www.samba.org/samba/history/samba-4.2.10.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.samba.org/samba/latest_news.html#4.4.2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://www.samba.org/samba/security/CVE-2016-2118.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1458Records found
CVE-2016-1840
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-1.71% / 81.55%
||
7 Day CHG+0.68%
Published-20 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.

Action-Not Available
Vendor-n/aApple Inc.Canonical Ltd.libxml2 (XMLSoft)Debian GNU/LinuxMcAfee, LLCRed Hat, Inc.
Product-enterprise_linux_serverenterprise_linux_server_auslibxml2watchosubuntu_linuxenterprise_linux_desktopenterprise_linux_server_eusweb_gatewayenterprise_linux_server_tusenterprise_linux_workstationdebian_linuxiphone_osmac_os_xtvosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1516
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-8.8||HIGH
EPSS-1.17% / 77.79%
||
7 Day CHG~0.00%
Published-10 Apr, 2017 | 03:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code.

Action-Not Available
Vendor-opencvn/aDebian GNU/Linux
Product-debian_linuxopencvOpenCV 3.0.0
CWE ID-CWE-415
Double Free
CVE-2016-2374
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-8.1||HIGH
EPSS-1.16% / 77.69%
||
7 Day CHG~0.00%
Published-06 Jan, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write leading to memory disclosure and code execution.

Action-Not Available
Vendor-Debian GNU/LinuxCanonical Ltd.Pidgin
Product-pidgindebian_linuxubuntu_linuxPidgin
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2010-2519
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-4.52% / 88.70%
||
7 Day CHG~0.00%
Published-19 Aug, 2010 | 17:43
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.

Action-Not Available
Vendor-freetypen/aCanonical Ltd.Apple Inc.Debian GNU/Linux
Product-ubuntu_linuxdebian_linuxmac_os_xfreetypen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-2376
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-8.1||HIGH
EPSS-5.41% / 89.74%
||
7 Day CHG~0.00%
Published-06 Jan, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in arbitrary code execution. A malicious server or an attacker who intercepts the network traffic can send an invalid size for a packet which will trigger a buffer overflow.

Action-Not Available
Vendor-Debian GNU/LinuxCanonical Ltd.Pidgin
Product-pidgindebian_linuxubuntu_linuxPidgin
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-37983
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.31% / 78.95%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 21:05
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCDebian GNU/Linux
Product-chromedebian_linuxChrome
CWE ID-CWE-416
Use After Free
CVE-2010-2527
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.33% / 84.19%
||
7 Day CHG~0.00%
Published-19 Aug, 2010 | 17:43
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Action-Not Available
Vendor-freetypen/aDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxfreetypen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2010-2541
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-3.21% / 86.51%
||
7 Day CHG~0.00%
Published-19 Aug, 2010 | 17:43
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Action-Not Available
Vendor-freetypen/aCanonical Ltd.
Product-ubuntu_linuxfreetypen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2010-2497
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.09% / 83.31%
||
7 Day CHG~0.00%
Published-19 Aug, 2010 | 17:43
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Action-Not Available
Vendor-freetypen/aDebian GNU/LinuxApple Inc.
Product-debian_linuxmac_os_xfreetypen/a
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2016-1521
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-8.8||HIGH
EPSS-0.75% / 72.11%
||
7 Day CHG~0.00%
Published-13 Feb, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

Action-Not Available
Vendor-siln/aMozilla CorporationFedora ProjectDebian GNU/Linux
Product-fedorafirefoxgraphite2thunderbirddebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1622
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.50% / 80.34%
||
7 Day CHG~0.00%
Published-14 Feb, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Extensions subsystem in Google Chrome before 48.0.2564.109 does not prevent use of the Object.defineProperty method to override intended extension behavior, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.

Action-Not Available
Vendor-n/aGoogle LLCDebian GNU/LinuxopenSUSE
Product-debian_linuxopensusechromen/a
CVE-2016-1679
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.53% / 80.57%
||
7 Day CHG~0.00%
Published-05 Jun, 2016 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code.

Action-Not Available
Vendor-n/aopenSUSESUSERed Hat, Inc.Google LLCDebian GNU/LinuxCanonical Ltd.
Product-enterprise_linux_serverleapopensuseubuntu_linuxenterprise_linux_desktopenterprise_linux_workstationchromedebian_linuxlinux_enterprisen/a
CVE-2018-9918
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.24% / 46.38%
||
7 Day CHG~0.00%
Published-10 Apr, 2018 | 18:00
Updated-05 Aug, 2024 | 07:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a denial of service (stack exhaustion), related to the QPDFObjectHandle and QPDF_Dictionary classes, because nesting in direct objects is not restricted.

Action-Not Available
Vendor-qpdf_projectn/aCanonical Ltd.
Product-qpdfubuntu_linuxn/a
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2023-2135
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.24%
||
7 Day CHG~0.00%
Published-19 Apr, 2023 | 03:40
Updated-13 Feb, 2025 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Debian GNU/LinuxFedora ProjectGoogle LLC
Product-chromedebian_linuxfedoraChromechrome
CWE ID-CWE-416
Use After Free
CVE-2011-2818
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-2.96% / 85.95%
||
7 Day CHG~0.00%
Published-03 Aug, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.

Action-Not Available
Vendor-n/aApple Inc.Debian GNU/LinuxGoogle LLC
Product-debian_linuxiphone_ositunessafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2016-1627
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.24% / 78.44%
||
7 Day CHG~0.00%
Published-14 Feb, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Developer Tools (aka DevTools) subsystem in Google Chrome before 48.0.2564.109 does not validate URL schemes and ensure that the remoteBase parameter is associated with a chrome-devtools-frontend.appspot.com URL, which allows remote attackers to bypass intended access restrictions via a crafted URL, related to browser/devtools/devtools_ui_bindings.cc and WebKit/Source/devtools/front_end/Runtime.js.

Action-Not Available
Vendor-n/aGoogle LLCDebian GNU/LinuxopenSUSE
Product-debian_linuxopensusechromen/a
CVE-2018-9846
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.45% / 62.83%
||
7 Day CHG~0.00%
Published-07 Apr, 2018 | 21:00
Updated-05 Aug, 2024 | 07:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "_uid" parameter (in an archive.php _task=mail&_mbox=INBOX&_action=plugin.move2archive request) to perform an MX (IMAP) injection attack by placing an IMAP command after a %0d%0a sequence. NOTE: this is less easily exploitable in 1.3.4 and later because of a Same Origin Policy protection mechanism.

Action-Not Available
Vendor-n/aRoundcube Webmail ProjectDebian GNU/Linux
Product-webmaildebian_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-2690
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-1.03% / 76.36%
||
7 Day CHG~0.00%
Published-17 Jul, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image.

Action-Not Available
Vendor-libpngn/aFedora ProjectDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxfedoradebian_linuxlibpngn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-38003
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-76.40% / 98.89%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 21:30
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.

Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCFedora ProjectDebian GNU/Linux
Product-fedoradebian_linuxchromeChromeChromium V8
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2021-37998
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.19% / 77.99%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 21:30
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxfedoraChrome
CWE ID-CWE-416
Use After Free
CVE-2018-8881
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.21% / 44.09%
||
7 Day CHG~0.00%
Published-20 Mar, 2018 | 23:00
Updated-05 Aug, 2024 | 07:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.

Action-Not Available
Vendor-nasmn/aCanonical Ltd.
Product-ubuntu_linuxnetwide_assemblern/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2010-1812
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-5.51% / 89.85%
||
7 Day CHG~0.00%
Published-09 Sep, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections.

Action-Not Available
Vendor-webkitgtkn/aCanonical Ltd.Apple Inc.
Product-ubuntu_linuxiphone_osipod_touchwebkitgtkn/a
CVE-2016-1668
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.20% / 78.02%
||
7 Day CHG-0.08%
Published-14 May, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.102, uses an improper creation context, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

Action-Not Available
Vendor-n/aGoogle LLCDebian GNU/LinuxopenSUSE
Product-debian_linuxopensusechromen/a
CWE ID-CWE-284
Improper Access Control
CVE-2016-1676
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.36% / 79.35%
||
7 Day CHG~0.00%
Published-05 Jun, 2016 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.63 does not properly use prototypes, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Action-Not Available
Vendor-n/aopenSUSESUSERed Hat, Inc.Google LLCDebian GNU/Linux
Product-enterprise_linux_serverleapopensuseenterprise_linux_desktopenterprise_linux_workstationchromedebian_linuxlinux_enterprisen/a
CWE ID-CWE-284
Improper Access Control
CVE-2016-1673
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.03% / 76.44%
||
7 Day CHG+0.19%
Published-05 Jun, 2016 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Action-Not Available
Vendor-n/aopenSUSESUSERed Hat, Inc.Google LLCDebian GNU/LinuxCanonical Ltd.
Product-enterprise_linux_serverleapopensuseubuntu_linuxenterprise_linux_desktopenterprise_linux_workstationchromedebian_linuxlinux_enterprisen/a
CVE-2016-1672
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.36% / 79.35%
||
7 Day CHG~0.00%
Published-05 Jun, 2016 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypass the Same Origin Policy via unspecified vectors.

Action-Not Available
Vendor-n/aopenSUSESUSERed Hat, Inc.Google LLCDebian GNU/Linux
Product-enterprise_linux_serverleapopensuseenterprise_linux_desktopenterprise_linux_workstationchromedebian_linuxlinux_enterprisen/a
CWE ID-CWE-284
Improper Access Control
CVE-2016-1704
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.80% / 73.12%
||
7 Day CHG~0.00%
Published-03 Jul, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

Action-Not Available
Vendor-n/aopenSUSERed Hat, Inc.Google LLCNovellCanonical Ltd.
Product-enterprise_linux_serverleapopensuseenterprise_linux_desktopubuntu_linuxsuse_package_hub_for_suse_linux_enterpriseenterprise_linux_workstationchromen/a
CVE-2010-1814
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-4.60% / 88.82%
||
7 Day CHG~0.00%
Published-09 Sep, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.

Action-Not Available
Vendor-webkitgtkn/aCanonical Ltd.Apple Inc.
Product-ubuntu_linuxiphone_osipod_touchwebkitgtkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1799
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-0.61% / 68.90%
||
7 Day CHG~0.00%
Published-16 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction with the WebKit engine, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGoogle LLC
Product-debian_linuxchromen/a
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2018-8960
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.39% / 58.91%
||
7 Day CHG~0.00%
Published-23 Mar, 2018 | 21:00
Updated-05 Aug, 2024 | 07:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-7871
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.56% / 67.16%
||
7 Day CHG~0.00%
Published-08 Mar, 2018 | 18:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT16 data. A crafted input will lead to a denial of service or possibly unspecified other impact.

Action-Not Available
Vendor-libmingn/aDebian GNU/Linux
Product-libmingdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-38500
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-2.21% / 83.77%
||
7 Day CHG+0.57%
Published-03 Nov, 2021 | 00:03
Updated-21 Oct, 2024 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefox < 93.

Action-Not Available
Vendor-Debian GNU/LinuxMozilla Corporation
Product-firefoxthunderbirddebian_linuxfirefox_esrThunderbirdFirefox ESRFirefox
CVE-2010-2067
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.80% / 85.54%
||
7 Day CHG~0.00%
Published-23 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file.

Action-Not Available
Vendor-n/aLibTIFFCanonical Ltd.
Product-ubuntu_linuxlibtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-8764
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.38% / 58.29%
||
7 Day CHG~0.00%
Published-27 Mar, 2018 | 16:00
Updated-05 Aug, 2024 | 07:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 places a CSRF token in the sec_token parameter of a URI, which makes it easier for remote attackers to defeat a CSRF protection mechanism by leveraging logging.

Action-Not Available
Vendor-ldap-account-managern/aDebian GNU/Linux
Product-debian_linuxldap_account_managern/a
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2021-37973
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-19.20% / 95.12%
||
7 Day CHG~0.00%
Published-08 Oct, 2021 | 21:40
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.

Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Google LLCFedora ProjectDebian GNU/Linux
Product-fedoradebian_linuxchromeChromeChromium Portals
CWE ID-CWE-416
Use After Free
CVE-2021-37975
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-56.10% / 98.01%
||
7 Day CHG~0.00%
Published-08 Oct, 2021 | 00:00
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.

Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Google LLCFedora ProjectDebian GNU/Linux
Product-chromedebian_linuxfedoraChromeChromium V8
CWE ID-CWE-416
Use After Free
CVE-2018-8804
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.41% / 60.79%
||
7 Day CHG~0.00%
Published-20 Mar, 2018 | 05:00
Updated-05 Aug, 2024 | 07:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-415
Double Free
CVE-2016-2326
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.07% / 76.84%
||
7 Day CHG~0.00%
Published-12 Feb, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFFmpegCanonical Ltd.
Product-debian_linuxffmpegubuntu_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2016-1624
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.42% / 79.76%
||
7 Day CHG~0.00%
Published-14 Feb, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted data with brotli compression.

Action-Not Available
Vendor-n/aGoogle LLCDebian GNU/LinuxopenSUSE
Product-debian_linuxopensusechromen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1655
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-3.03% / 86.09%
||
7 Day CHG~0.00%
Published-18 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 50.0.2661.75 does not properly consider that frame removal may occur during callback execution, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted extension.

Action-Not Available
Vendor-n/aopenSUSESUSEGoogle LLCDebian GNU/LinuxCanonical Ltd.
Product-leapubuntu_linuxchromedebian_linuxlinux_enterprisen/a
CVE-2016-1701
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.35% / 79.33%
||
7 Day CHG-0.01%
Published-05 Jun, 2016 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690.

Action-Not Available
Vendor-n/aopenSUSESUSERed Hat, Inc.Google LLCDebian GNU/Linux
Product-enterprise_linux_serverleapopensuseenterprise_linux_desktopenterprise_linux_workstationchromedebian_linuxlinux_enterprisen/a
CVE-2010-0394
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.84% / 73.78%
||
7 Day CHG~0.00%
Published-10 Feb, 2010 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PyGIT.py in the Trac Git plugin (trac-git) before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command.

Action-Not Available
Vendor-edgewall_softwarenanosleepn/aDebian GNU/Linux
Product-tracdebian_linuxtrac-gitn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-9009
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.66% / 70.12%
||
7 Day CHG~0.00%
Published-25 Mar, 2018 | 03:00
Updated-05 Aug, 2024 | 07:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file.

Action-Not Available
Vendor-libmingn/aDebian GNU/Linux
Product-libmingdebian_linuxn/a
CWE ID-CWE-416
Use After Free
CVE-2016-3698
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.1||HIGH
EPSS-0.47% / 63.42%
||
7 Day CHG~0.00%
Published-13 Jun, 2016 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.

Action-Not Available
Vendor-libndpn/aRed Hat, Inc.Debian GNU/LinuxCanonical Ltd.
Product-enterprise_linux_serverenterprise_linux_server_ausdebian_linuxenterprise_linux_hpc_nodeenterprise_linux_desktopubuntu_linuxenterprise_linux_server_eusenterprise_linux_workstationenterprise_linux_hpc_node_euslibndpn/a
CWE ID-CWE-284
Improper Access Control
CVE-2018-7435
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.06% / 76.72%
||
7 Day CHG~0.00%
Published-23 Feb, 2018 | 21:00
Updated-05 Aug, 2024 | 06:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the freexl::destroy_cell function.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFreeXL (Alessandro Furieri)
Product-freexldebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-1680
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-1.53% / 80.57%
||
7 Day CHG~0.00%
Published-05 Jun, 2016 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aopenSUSESUSERed Hat, Inc.Google LLCDebian GNU/LinuxCanonical Ltd.
Product-enterprise_linux_serverleapopensuseubuntu_linuxenterprise_linux_desktopenterprise_linux_workstationchromedebian_linuxlinux_enterprisen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-15296
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.16%
||
7 Day CHG~0.00%
Published-21 Aug, 2019 | 06:07
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The faad_resetbits function in libfaad/bits.c is affected by a buffer overflow vulnerability. The number of bits to be read is determined by ld->buffer_size - words*4, cast to uint32. If ld->buffer_size - words*4 is negative, a buffer overflow is later performed via getdword_n(&ld->start[words], ld->bytes_left).

Action-Not Available
Vendor-audiocodingn/aDebian GNU/Linux
Product-freeware_advanced_audio_decoder_2debian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-7253
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.88% / 74.40%
||
7 Day CHG~0.00%
Published-19 Feb, 2018 | 23:00
Updated-05 Aug, 2024 | 06:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file.

Action-Not Available
Vendor-wavpackn/aCanonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxdebian_linuxwavpackn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-2119
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.16% / 77.73%
||
7 Day CHG~0.00%
Published-07 Jul, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag.

Action-Not Available
Vendor-n/aSamba
Product-samban/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2016-2347
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.8||HIGH
EPSS-0.45% / 62.59%
||
7 Day CHG~0.00%
Published-21 Apr, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive.

Action-Not Available
Vendor-lhasa_projectn/aopenSUSEDebian GNU/Linux
Product-lhasadebian_linuxleapopensusen/a
CWE ID-CWE-190
Integer Overflow or Wraparound
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 29
  • 30
  • Next
Details not found