Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-01-27 CVE-2016-5541 Unspecified vulnerability in Oracle Mysql Cluster
Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: NDBAPI).
network
high complexity
oracle
4.8
2017-01-27 CVE-2016-5528 Unspecified vulnerability in Oracle Glassfish Server 2.1.1/3.0.1/3.1.2
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security).
network
high complexity
oracle
critical
9.0
2017-01-27 CVE-2016-5509 Unspecified vulnerability in Oracle Flexcube Investor Servicing
Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core).
network
high complexity
oracle
3.1
2017-01-27 CVE-2016-5822 Resource Management Errors vulnerability in Huawei Oceanstor 5800 V3 V300R002C10
Huawei Oceanstor 5800 before V300R002C10SPC100 allows remote attackers to cause a denial of service (CPU consumption) via a large number of crafted HTTP packets.
network
low complexity
huawei CWE-399
7.5
2017-01-27 CVE-2016-3996 Information Exposure vulnerability in Samsung Knox 1.0/2.3.0
ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application.
local
low complexity
samsung CWE-200
5.5
2017-01-27 CVE-2016-1920 Improper Access Control vulnerability in Samsung Knox 1.0
Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service.
local
low complexity
samsung CWE-284
5.5
2017-01-27 CVE-2016-1919 Information Exposure vulnerability in Samsung Knox 1.0
Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack.
local
high complexity
samsung CWE-200
4.7
2017-01-27 CVE-2016-9453 Out-of-bounds Write vulnerability in multiple products
The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one.
local
low complexity
libtiff opensuse debian CWE-787
7.8
2017-01-27 CVE-2016-9448 NULL Pointer Dereference vulnerability in multiple products
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays.
network
low complexity
libtiff opensuse CWE-476
7.5
2017-01-27 CVE-2016-8411 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
Buffer overflow vulnerability while processing QMI QOS TLVs.
network
low complexity
google CWE-119
critical
9.8