Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-08-10 | CVE-2016-5420 | Improper Authorization vulnerability in multiple products curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote attackers to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate. | 7.5 |
| 2016-08-10 | CVE-2016-5419 | Cryptographic Issues vulnerability in multiple products curl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has changed, which allows remote attackers to bypass intended restrictions by resuming a session. | 7.5 |
| 2016-08-10 | CVE-2016-5408 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the munge_other_line function in cachemgr.cgi in the squid package before 3.1.23-16.el6_8.6 in Red Hat Enterprise Linux 6 allows remote attackers to execute arbitrary code via unspecified vectors. | 9.8 |
| 2016-08-10 | CVE-2013-7458 | Information Exposure vulnerability in multiple products linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file. | 3.3 |
| 2016-08-09 | CVE-2016-3329 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence of files via a crafted webpage, aka "Internet Explorer Information Disclosure Vulnerability." | 5.3 |
| 2016-08-09 | CVE-2016-3327 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3326. | 5.3 |
| 2016-08-09 | CVE-2016-3326 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3327. | 5.3 |
| 2016-08-09 | CVE-2016-3322 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3289. | 7.5 |
| 2016-08-09 | CVE-2016-3321 | Information Exposure vulnerability in Microsoft Internet Explorer 10/11 Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a file:// URL and an HTML5 sandbox iframe, aka "Internet Explorer Information Disclosure Vulnerability." | 2.5 |
| 2016-08-09 | CVE-2016-3320 | 7PK - Security Features vulnerability in multiple products Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow attackers to bypass the Secure Boot protection mechanism by leveraging (1) administrative or (2) physical access to install a crafted boot manager, aka "Secure Boot Security Feature Bypass." | 4.9 |