NVD List

Id Name Description Reject CVSS Version CVSS Score Severity Pub Date Modified Date Actions
82654  CVE-2016-10028  The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD_GET_CAPSET command with a maximum capabilities size with a value of 0.    2.1  Low  2017-02-28  2017-02-28  View
82655  CVE-2016-10029  The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_scanouts.    2.1  Low  2017-02-28  2017-02-28  View
17420  CVE-2016-1003  ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10033. Reason: This candidate is a duplicate of CVE-2016-10033. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2016-10033 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.        2017-01-19  2016-12-30  View
17421  CVE-2016-10030  The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on the system. Any exploitation of this is dependent on the user being able to cause or anticipate the failure (non-zero return code) of a Prolog script that their job would run on. This issue affects all Slurm versions from 0.6.0 (September 2005) to present. Workarounds to prevent exploitation of this are to either disable your Prolog script, or modify it such that it always returns 0 ("success") and adjust it to set the node as down using scontrol instead of relying on the slurmd to handle that automatically. If you do not have a Prolog set you are unaffected by this issue.    7.6  High  2017-01-19  2017-01-10  View
17422  CVE-2016-10031  ** DISPUTED ** WampServer 3.0.6 installs two services called "wampapache" and "wampmysqld" with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local attacker must insert an executable file called mysqld.exe or httpd.exe and replace the original files. The next time the service starts, the malicious file will get executed as SYSTEM. NOTE: the vendor disputes the relevance of this report, taking the position that a configuration in which ""someone" (an attacker) is able to replace files on a PC" is not "the fault of WampServer."    6.9  Medium  2017-01-19  2016-12-30  View

Page 15340 of 17672, showing 5 records out of 88360 total, starting on record 76696, ending on 76700

<<first 15336 | 15337 | 15338 | 15339 | 15340 | 15341 | 15342 | 15343 | 15344 last>>

Actions