National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:5.2.3
There are 1,023 matching records.
Displaying matches 201 through 220.
Vuln ID Summary CVSS Severity
CVE-2016-8966

IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.

Published: February 01, 2017; 03:59:03 PM -05:00
V3.0: 5.9 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-8961

IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.

Published: February 01, 2017; 03:59:03 PM -05:00
V3.0: 6.1 MEDIUM
    V2: 5.8 MEDIUM
CVE-2016-9795

The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.

Published: January 27, 2017; 05:59:02 PM -05:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2016-10086

RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.

Published: January 18, 2017; 05:59:00 PM -05:00
V3.0: 8.1 HIGH
    V2: 5.5 MEDIUM
CVE-2017-2938

Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 7.3 HIGH
    V2: 7.5 HIGH
CVE-2017-2937

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2936

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2935

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2934

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2933

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2932

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2931

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2930

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2928

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2927

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2926

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-2925

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2016-7892

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.

Published: December 15, 2016; 01:59:56 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2016-7890

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy.

Published: December 15, 2016; 01:59:54 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2016-7881

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution.

Published: December 15, 2016; 01:59:45 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH