• Close
  • Vulnerability & Exploit Database

    Displaying vulnerability details 1 - 10 of 73927 in total

    Apache HTTPD: mod_http2: denial of service by thread starvation (CVE-2016-1546) Vulnerability

    • Severity: 4
    • Published: May 15, 2016

    The affected asset is vulnerable to this vulnerability ONLY if it is running one of the following modules: mod_http2. Review your web server configuration for validation. By manipulating the flow control windows on streams, a client was able to block server threads for long times, causing starvation of worker threads. Connections could...

    Debian: DSA-3577 (CVE-2016-4425): jansson -- security update Vulnerability

    • Severity: 4
    • Published: May 13, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From DSA-3577:

    Gustavo Grieco discovered that jansson, a C library for encoding,

    decoding and manipulating JSON data, did not limit the recursion de...

    RHSA-2016:1034: docker security, bug fix, and enhancement update Vulnerability

    • Severity: 4
    • Published: May 11, 2016

    Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere.Security Fix(es):This issue was discovered by Mrunal Patel (Red Hat).Bug Fix(es):Enhancement(s):

    CESA-2016:1033: kernel security and bug fix update Vulnerability

    • Severity: 4
    • Published: May 11, 2016

    The kernel packages contain the Linux kernel, the core of any Linux operating system.Security Fix(es):Red Hat would like to thank Philip Pettersson of Samsung for reporting this issue.Bug Fix(es):

    Ubuntu: USN-2974-1 (CVE-2016-4037): QEMU vulnerabilities Vulnerability

    • Severity: 4
    • Published: May 11, 2016

    Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

    From USN-2974-1:

    Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue to...