Product
oracle vm server
38 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-22024
all versions
In the Unbreakable Enterprise Kernel (UEK), the RDS module in UEK has two setsockopt(2) options, RDS_CONN_RESET and RDS6_CONN_RESE
5.5
MEDIUM
CVE-2020-2571
all versions
Vulnerability in the Oracle VM Server for SPARC product of Oracle Systems (component: Templates). The supported version that is af
3.3
LOW
CVE-2017-3242
all versions
Vulnerability in the Oracle VM Server for Sparc component of Oracle Sun Systems Products Suite (subcomponent: LDOM Manager). Suppo
5.9
MEDIUM
CVE-2016-7039
all versions
The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic)
7.5
HIGH
CVE-2016-2776
all versions
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct
7.5
HIGH
CVE-2016-3991
all versions
Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to
7.8
HIGH
CVE-2016-3990
all versions
Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote atta
7.8
HIGH
CVE-2016-3945
all versions
Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlie
7.8
HIGH
CVE-2016-3632
all versions
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (ou
7.8
HIGH
CVE-2016-6198
all versions
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a
5.5
MEDIUM
CVE-2016-6197
all versions
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper de
5.5
MEDIUM
CVE-2016-5696
all versions
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it
4.8
MEDIUM
CVE-2016-5403
all versions
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory
5.5
MEDIUM
CVE-2016-4470
all versions
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data stru
5.5
MEDIUM
CVE-2016-4448
all versions
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in un
9.8
CRITICAL
CVE-2016-4447
all versions
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of servi
7.5
HIGH
CVE-2016-4962
all versions
The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource con
6.7
MEDIUM
CVE-2016-4480
all versions
The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) pa
8.4
HIGH
CVE-2016-3627
all versions
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent att
7.5
HIGH
CVE-2016-3712
all versions
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU p
5.5
MEDIUM
CVE-2016-3710
all versions
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administr
8.8
HIGH
CVE-2016-2117
all versions
The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/
7.5
HIGH
CVE-2016-3960
all versions
Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or
8.8
HIGH
CVE-2016-3159
all versions
The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on
3.8
LOW
CVE-2016-3158
all versions
The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD
3.8
LOW
CVE-2016-3115
all versions
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass in
6.4
MEDIUM
CVE-2016-1950
all versions
Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used
8.8
HIGH
CVE-2016-2270
all versions
Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple
6.8
MEDIUM
CVE-2015-8668
all versions
Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows rem
9.8
CRITICAL
CVE-2015-8000
all versions
db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (RE
CVE-2015-3195
all versions
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q
5.3
MEDIUM
CVE-2015-2730
all versions
Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38
CVE-2015-2721
all versions
Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x
CVE-2015-0452
all versions
Unspecified vulnerability in the Oracle VM Server for SPARC component in Oracle Sun Systems Products Suite 3.1 and 3.2 allows remo
CVE-2014-1491
all versions
Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thund
CVE-2014-1490
all versions
Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox
CVE-2013-0791
all versions
The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ES
CVE-2013-1620
all versions
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a nonc
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin