• Close
  • Vulnerability & Exploit Database

    Displaying entries 1 - 10 of 77117 in total

    Apache HTTPD: mod_http2: denial of service by thread starvation (CVE-2016-1546) Vulnerability

    • Severity: 4
    • Published: May 15, 2016

    The affected asset is vulnerable to this vulnerability ONLY if it is running one of the following modules: mod_http2. Review your web server configuration for validation. By manipulating the flow control windows on streams, a client was able to block server threads for long times, causing starvation of worker threads. Connections could...

    Debian: DSA-3577 (CVE-2016-4425): jansson -- security update Vulnerability

    • Severity: 4
    • Published: May 13, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From DSA-3577:

    Gustavo Grieco discovered that jansson, a C library for encoding,

    decoding and manipulating JSON data, did not limit the recursion de...

    Ubuntu: USN-2974-1 (CVE-2016-4037): QEMU vulnerabilities Vulnerability

    • Severity: 4
    • Published: May 11, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From USN-2974-1:

    Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue to...

    Oracle Linux: CVE-2016-0758: ELSA-2016-1033 - kernel security and bug fix update Vulnerability

    • Severity: 4
    • Published: May 11, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From ELSA-2016-1033:

    - [3.10.0-327.18.2.OL7] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-327.18.2] - [lib] keys: Fix ASN.1 indefinite length object ...

    Debian: DSA-3575 (CVE-2016-3674): libxstream-java -- security update Vulnerability

    • Severity: 4
    • Published: May 11, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From DSA-3575:

    It was discovered that XStream, a Java library to serialize objects to

    XML and back again, was susceptible to XML External Entity att...