English
Français
Light
Dark
System

Alert System

Stay informed at all times
Create an account Open a free account Login Manage your alerts

Oracle VM Server for x86 3.3

CPE Details

Oracle VM Server for x86 3.3
oracle
vm_server
3.3
2016-09-22 11:16 +00:00
2021-06-25 13:40 +00:00
CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:x86:*

Informations

Vendor

oracle

Product

vm_server

Version

3.3

Target Hardware

x86

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2016-2776 2016-09-28 08:00 +00:00 buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
7.5
HIGH
CVE-2016-3632 2016-09-21 16:00 +00:00 The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.
7.8
HIGH
CVE-2016-3945 2016-09-21 16:00 +00:00 Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write.
7.8
HIGH
CVE-2016-3990 2016-09-21 16:00 +00:00 Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp.
7.8
HIGH
CVE-2016-3991 2016-09-21 16:00 +00:00 Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles.
7.8
HIGH
CVE-2016-4470 2016-06-27 08:00 +00:00 The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.
5.5
MEDIUM
CVE-2016-4447 2016-06-09 14:00 +00:00 The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
7.5
HIGH
CVE-2016-4448 2016-06-09 14:00 +00:00 Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
9.8
CRITICAL
CVE-2016-4962 2016-06-07 12:00 +00:00 The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore.
6.7
MEDIUM
CVE-2016-4480 2016-05-18 12:00 +00:00 The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory.
8.4
HIGH
CVE-2016-3712 2016-05-11 19:00 +00:00 Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
5.5
MEDIUM
CVE-2016-2117 2016-05-02 08:00 +00:00 The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.
7.5
HIGH
CVE-2016-3960 2016-04-19 12:00 +00:00 Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping.
8.8
HIGH
CVE-2016-3158 2016-04-13 14:00 +00:00 The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
3.8
LOW
CVE-2016-3159 2016-04-13 14:00 +00:00 The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
3.8
LOW

More information
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.