National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:5.2.13
There are 997 matching records.
Displaying matches 161 through 180.
Vuln ID Summary CVSS Severity
CVE-2017-2990

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 01:59:00 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2988

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 01:59:00 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2987

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 01:59:00 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2986

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 01:59:00 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2985

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 01:59:00 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2984

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 01:59:00 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2982

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 01:59:00 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2016-8977

IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system.

Published: February 01, 2017; 05:59:01 PM -05:00
V3.0: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2016-8963

IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user.

Published: February 01, 2017; 05:59:00 PM -05:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2016-6110

IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user.

Published: February 01, 2017; 05:59:00 PM -05:00
V3.0: 6.5 MEDIUM
    V2: 2.1 LOW
CVE-2016-8967

IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear text which can be read by a local user.

Published: February 01, 2017; 04:59:00 PM -05:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2016-0371

The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled.

Published: February 01, 2017; 04:59:00 PM -05:00
V3.0: 4.7 MEDIUM
    V2: 1.9 LOW
CVE-2016-8981

IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system.

Published: February 01, 2017; 03:59:03 PM -05:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2016-8980

IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources.

Published: February 01, 2017; 03:59:03 PM -05:00
V3.0: 8.1 HIGH
    V2: 7.5 HIGH
CVE-2016-8966

IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.

Published: February 01, 2017; 03:59:03 PM -05:00
V3.0: 5.9 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-8961

IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.

Published: February 01, 2017; 03:59:03 PM -05:00
V3.0: 6.1 MEDIUM
    V2: 5.8 MEDIUM
CVE-2016-9795

The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.

Published: January 27, 2017; 05:59:02 PM -05:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2016-10086

RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.

Published: January 18, 2017; 05:59:00 PM -05:00
V3.0: 8.1 HIGH
    V2: 5.5 MEDIUM
CVE-2017-2938

Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 7.3 HIGH
    V2: 7.5 HIGH
CVE-2017-2937

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH