Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-02-18 | CVE-2015-8151 | OS Command Injection vulnerability in Symantec Encryption Management Server 3.3.2 Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access. | 9.1 |
| 2016-02-18 | CVE-2015-8150 | Permissions, Privileges, and Access Controls vulnerability in Symantec Encryption Management Server 3.3.2 Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root access by modifying a batch file. | 7.8 |
| 2016-02-18 | CVE-2015-8149 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Symantec Encryption Management Server 3.3.2 The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted requests. | 7.5 |
| 2016-02-18 | CVE-2015-8148 | Information Exposure vulnerability in Symantec Encryption Management Server 3.3.2 The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to obtain sensitive information about administrator accounts via a modified request. | 7.5 |
| 2016-02-18 | CVE-2015-5970 | Code Injection vulnerability in Novell Zenworks Configuration Management The ChangePassword RPC method in Novell ZENworks Configuration Management (ZCM) 11.3 and 11.4 allows remote attackers to conduct XPath injection attacks, and read arbitrary text files, via a malformed query involving a system entity reference. | 5.3 |
| 2016-02-18 | CVE-2016-0795 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document. | 7.8 |
| 2016-02-18 | CVE-2016-0794 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document. | 7.8 |
| 2016-02-18 | CVE-2015-7547 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. | 8.1 |
| 2016-02-18 | CVE-2015-8287 | Unspecified vulnerability in Swann Srnvw-470Lcd Firmware and Swnvw-470Cam Firmware Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote attackers to watch live video by visiting an unspecified URL. | 5.3 |
| 2016-02-18 | CVE-2015-8286 | 7PK - Security Features vulnerability in Zhuhai Raysharp Firmware Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers to obtain access via a session on TCP port 23 or 9000. | 9.8 |