Weekly Vulnerabilities Reports > January 11 to 17, 2016

Overview

136 new vulnerabilities were reported during this period, including 34 critical vulnerabilities and 19 high severity vulnerabilities. This weekly summary reports vulnerabilities in 138 products from 46 vendors including Microsoft, Apple, Adobe, Advantech, and Huawei. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Information Exposure", "Improper Input Validation", and "Permissions, Privileges, and Access Controls".

  • 120 reported vulnerabilities are remotely exploitable.
  • 9 reported vulnerabilities have a public exploit available.
  • 27 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 116 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 42 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 17 reported vulnerabilities.

Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:

34 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2016-01-15 CVE-2016-1909 Fortinet Permissions, Privileges, and Access Controls vulnerability in Fortinet Fortios

Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the Fortimanager_Access account, which allows remote attackers to obtain administrative access via an SSH session.

10.0
2016-01-15 CVE-2016-0860 Advantech Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess

Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service via a crafted RPC request.

10.0
2016-01-15 CVE-2016-0859 Advantech Numeric Errors vulnerability in Advantech Webaccess

Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted RPC request.

10.0
2016-01-15 CVE-2016-0857 Advantech Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess

Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.

10.0
2016-01-15 CVE-2016-0856 Advantech Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess

Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors.

10.0
2016-01-15 CVE-2016-0854 Advantech Unspecified vulnerability in Advantech Webaccess

Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 allows remote attackers to write to files of arbitrary types via unspecified vectors.

10.0
2016-01-15 CVE-2015-6323 Cisco Unauthorized Access vulnerability in Cisco Identity Services Engine Software

The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote attackers to obtain administrative access via unspecified vectors, aka Bug ID CSCuw34253.

10.0
2016-01-15 CVE-2015-6314 Cisco Improper Authentication vulnerability in Cisco Wireless LAN Controller Software

Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153.

10.0
2016-01-14 CVE-2016-0946 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0945.

10.0
2016-01-14 CVE-2016-0945 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0946.

10.0
2016-01-14 CVE-2016-0944 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0945, and CVE-2016-0946.

10.0
2016-01-14 CVE-2016-0942 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.

10.0
2016-01-14 CVE-2016-0940 Adobe
Apple
Microsoft
Unspecified vulnerability in Adobe products

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0941.

10.0
2016-01-14 CVE-2016-0933 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.

10.0
2016-01-12 CVE-2015-8611 F5 Credentials Management vulnerability in F5 products

BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 2000, 4000, 5000, 7000, and 10000 platforms do not properly sync passwords with the Always-On Management (AOM) subsystem, which might allow remote attackers to obtain login access to AOM via an (1) expired or (2) default password.

10.0
2016-01-12 CVE-2015-8396 Grassroots Dicom Project Numeric Errors vulnerability in Grassroots Dicom Project Grassroots Dicom 2.6.0/2.6.1

Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow.

10.0
2016-01-12 CVE-2015-8659 Apple
Nghttp2
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.

10.0
2016-01-12 CVE-2015-8098 F5 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in F5 Big-Ip Access Policy Manager

F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3, and 11.6.0 before 11.6.0 HF4 allow remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors related to processing a Citrix Remote Desktop connection through a virtual server configured with a remote desktop profile, aka an "Out-of-bounds memory vulnerability."

10.0
2016-01-15 CVE-2016-0858 Advantech Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess

Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request.

9.3
2016-01-15 CVE-2015-6467 Advantech Unspecified vulnerability in Advantech Webaccess

Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code via vectors involving a browser plugin.

9.3
2016-01-14 CVE-2016-0938 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.

9.3
2016-01-14 CVE-2016-0937 Adobe
Apple
Microsoft
Unspecified vulnerability in Adobe products

Use-after-free vulnerability in the OCG object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0940, and CVE-2016-0941.

9.3
2016-01-14 CVE-2016-0936 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG 2000 data, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.

9.3
2016-01-13 CVE-2016-0035 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3
2016-01-13 CVE-2016-0034 Microsoft Improper Input Validation vulnerability in Microsoft Silverlight 5.0

Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or cause a denial of service (object-header corruption) via a crafted web site, aka "Silverlight Runtime Remote Code Execution Vulnerability."

9.3
2016-01-13 CVE-2016-0024 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Scripting Engine Memory Corruption Vulnerability."

9.3
2016-01-13 CVE-2016-0019 Microsoft 7PK - Security Features vulnerability in Microsoft Windows 10 1511

The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password accounts via a modified RDP client, aka "Windows Remote Desktop Protocol Security Bypass Vulnerability."

9.3
2016-01-13 CVE-2016-0015 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "DirectShow Heap Corruption Remote Code Execution Vulnerability."

9.3
2016-01-13 CVE-2016-0010 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for Mac, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3
2016-01-13 CVE-2016-0009 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka "Win32k Remote Code Execution Vulnerability."

9.3
2016-01-13 CVE-2016-0003 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Microsoft Edge Memory Corruption Vulnerability."

9.3
2016-01-12 CVE-2015-8306 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei P8 Firmware

Buffer overflow in the HIFI driver in Huawei P8 phones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 allows attackers to cause a denial of service (system crash) or execute arbitrary code via an unspecified parameter.

9.3
2016-01-12 CVE-2015-8088 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Mate 7 Firmware and P8 Firmware

Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application.

9.3
2016-01-16 CVE-2016-1142 Seeds OS Command Injection vulnerability in Seeds Acmailer

Seeds acmailer before 3.8.21 and 3.9.x before 3.9.15 Beta allows remote authenticated users to execute arbitrary OS commands via unspecified vectors.

9.0

19 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2016-01-12 CVE-2015-1779 Qemu
Canonical
Debian
Fedoraproject
Redhat
Oracle
Resource Exhaustion vulnerability in multiple products

The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.

8.6
2016-01-14 CVE-2016-0778 Oracle
Openbsd
Apple
HP
Sophos
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.

8.1
2016-01-15 CVE-2016-0851 Advantech Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess

Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors.

7.8
2016-01-15 CVE-2015-8281 Samsung Cryptographic Issues vulnerability in Samsung web Viewer 1.0.0.193

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations.

7.8
2016-01-15 CVE-2015-6320 Cisco Resource Management Errors vulnerability in Cisco Aironet Access Point Software 8.1(112.3)/8.1(112.4)

The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) allows remote attackers to cause a denial of service via a crafted header in an IP packet, aka Bug ID CSCuv63138.

7.8
2016-01-11 CVE-2015-8231 Huawei Resource Management Errors vulnerability in Huawei Espace 7910 and Espace 7950

Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00SPC800 allow remote attackers with established sessions to cause a denial of service (device restart) via unspecified packets.

7.8
2016-01-11 CVE-2015-8230 Huawei Resource Management Errors vulnerability in Huawei Espace 8950 V200R003C00Spc200

Memory leak in Huawei eSpace 8950 IP phones with software before V200R003C00SPC300 allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of crafted ARP packets.

7.8
2016-01-13 CVE-2016-0002 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Jscript and Vbscript

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."

7.6
2016-01-16 CVE-2015-6863 HP Improper Input Validation vulnerability in HP Arcsight Logger

HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component.

7.5
2016-01-15 CVE-2015-6336 Cisco Credentials Management vulnerability in Cisco Aironet Access Point Software

Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it easier for remote attackers to obtain access via unspecified vectors, aka Bug ID CSCuw58062.

7.5
2016-01-13 CVE-2015-8607 Canonical
Perl
Debian
Improper Input Validation vulnerability in multiple products

The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

7.5
2016-01-12 CVE-2015-8769 Joomla SQL Injection vulnerability in Joomla Joomla!

SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2016-01-14 CVE-2016-0947 Adobe
Apple
Microsoft
Remote Code Execution vulnerability in Adobe Acrobat and Reader

Untrusted search path vulnerability in Adobe Download Manager, as used in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X, allows local users to gain privileges via a crafted resource in an unspecified directory.

7.2
2016-01-13 CVE-2016-0020 Microsoft Local Privilege Escalation vulnerability in Microsoft Windows MAPI DLL Loading

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "MAPI DLL Loading Elevation of Privilege Vulnerability." CWE-426: Untrusted Search Path (http://cwe.mitre.org/data/definitions/426.html)

7.2
2016-01-13 CVE-2016-0016 Microsoft Untrusted Search Path vulnerability in Microsoft products

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."

7.2
2016-01-13 CVE-2016-0014 Microsoft Untrusted Search Path vulnerability in Microsoft products

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Elevation of Privilege Vulnerability."

7.2
2016-01-11 CVE-2015-6566 Zarafa
Fedoraproject
Link Following vulnerability in multiple products

zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*.

7.2
2016-01-11 CVE-2015-6980 Apple Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X

Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors.

7.2
2016-01-12 CVE-2015-8337 Huawei Local Denial of Service vulnerability in Huawei Mate 7 Firmware and P8 Firmware

The HIFI driver in Huawei P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, GRA-UL10 before GRA-UL10C00B220 and Mate7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 allows remote attackers to cause a denial of service (invalid memory access and reboot) via unspecified vectors related to "input null pointer as parameter." CWE-476: NULL Pointer Dereference (https://cwe.mitre.org/data/definitions/476.html)

7.1

72 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2016-01-13 CVE-2016-0018 Microsoft Untrusted Search Path vulnerability in Microsoft products

Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."

6.9
2016-01-13 CVE-2016-0007 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka "Windows Mount Point Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0006.

6.9
2016-01-13 CVE-2016-0006 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka "Windows Mount Point Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0007.

6.9
2016-01-12 CVE-2015-7393 F5 Local Privilege Escalation vulnerability in Multiple F5 BIG-IP Products

dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors.

6.9
2016-01-11 CVE-2015-7024 Apple Security Bypass vulnerability in Apple Mac OS X

Untrusted search path vulnerability in Apple OS X before 10.11.1 allows local users to bypass intended Gatekeeper restrictions and gain privileges via a Trojan horse program that is loaded from an unexpected directory by an application that has a valid Apple digital signature.

6.9
2016-01-15 CVE-2015-5007 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Websphere Commerce

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 through 7.0.0.9, and 7.0 Feature Pack 8 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

6.8
2016-01-15 CVE-2015-3946 Advantech Cross-Site Request Forgery (CSRF) vulnerability in Advantech Webaccess

Cross-site request forgery (CSRF) vulnerability in Advantech WebAccess before 8.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8
2016-01-14 CVE-2016-0943 Adobe
Apple
Microsoft
Permissions, Privileges, and Access Controls vulnerability in Adobe products

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X mishandle the Global object, which allows attackers to bypass JavaScript API execution restrictions via unspecified vectors.

6.8
2016-01-14 CVE-2016-0941 Adobe
Apple
Microsoft
Unspecified vulnerability in Adobe products

Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0940.

6.8
2016-01-14 CVE-2016-0939 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.

6.8
2016-01-14 CVE-2016-0935 Adobe
Apple
Microsoft
Double Free Remote Code Execution vulnerability in Adobe Acrobat and Reader

Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted ExtGState dictionary.

6.8
2016-01-14 CVE-2016-0934 Adobe
Apple
Microsoft
Unspecified vulnerability in Adobe products

Use-after-free vulnerability in AGM.dll in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerability than CVE-2016-0932, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941.

6.8
2016-01-14 CVE-2016-0932 Adobe
Apple
Microsoft
Unspecified vulnerability in Adobe products

Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0934, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941.

6.8
2016-01-14 CVE-2016-0931 Adobe
Apple
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FileAttachment annotation, a different vulnerability than CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.

6.8
2016-01-16 CVE-2015-6864 HP Improper Input Validation vulnerability in HP Arcsight Logger

HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component.

6.5
2016-01-15 CVE-2015-3947 Advantech SQL Injection vulnerability in Advantech Webaccess

SQL injection vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.5
2016-01-14 CVE-2016-0777 Sophos
Oracle
Openbsd
HP
Apple
Information Exposure vulnerability in multiple products

The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

6.5
2016-01-12 CVE-2015-8397 Grassroots Dicom Project Out-of-bounds Read vulnerability in Grassroots Dicom Project Grassroots Dicom

The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (application crash) via an embedded JPEG-LS image with dimensions larger than the selected region in a (1) two-dimensional or (2) three-dimensional DICOM image file, which triggers an out-of-bounds read.

6.4
2016-01-15 CVE-2015-8688 Gajim Improper Input Validation vulnerability in Gajim

Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza.

5.8
2016-01-13 CVE-2015-8466 Fedoraproject, Openstack Improper Input Validation vulnerability in multiple products

Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header.

5.8
2016-01-11 CVE-2015-8331 Huawei Improper Input Validation vulnerability in Huawei Vcn500 V100R002C00Spc200B010

The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 does not properly invalidate the session ID when an "abnormal exit" occurs, which allows remote attackers to conduct replay attacks via the session ID.

5.8
2016-01-14 CVE-2015-8605 Sophos, ISC, Debian, Canonical Improper Input Validation vulnerability in multiple products

ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.

5.7
2016-01-12 CVE-2016-1715 Microsoft, Mcafee Numeric Errors vulnerability in multiple products

The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service (memory corruption and system crash) or gain privileges via a 768 syscall, which triggers a zero to be written to an arbitrary kernel memory location.

5.5
2016-01-11 CVE-2015-8333 Huawei Permissions, Privileges, and Access Controls vulnerability in Huawei Vcn500 V100R002C00Spc200B010

The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 allows remote authenticated users to change the IP address of the media server via crafted packets.

5.5
2016-01-16 CVE-2016-1295 Cisco Information Exposure vulnerability in Cisco Adaptive Security Appliance Software

Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775.

5.3
2016-01-17 CVE-2015-7470 IBM Information Exposure vulnerability in IBM Jazz Reporting Service

Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors, as demonstrated by login information.

5.0
2016-01-15 CVE-2016-1910 SAP Information Exposure vulnerability in SAP Netweaver 7.40

The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers to decrypt unspecified data via unknown vectors, aka SAP Security Note 2191290.

5.0
2016-01-15 CVE-2016-1260 Juniper Resource Management Errors vulnerability in Juniper Junos 13.2X51/14.1X53/15.2

Juniper Junos OS before 13.2X51-D36, 14.1X53 before 14.1X53-D25, and 15.2 before 15.2R1 on EX4300 series switches allow remote attackers to cause a denial of service (network loop and bandwidth consumption) via unspecified vectors related to Spanning Tree Protocol (STP) traffic.

5.0
2016-01-15 CVE-2016-1258 Juniper Improper Input Validation vulnerability in Juniper Junos

Embedthis Appweb, as used in J-Web in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R8, 14.1 before 14.1R6, and 14.2 before 14.2R5, allows remote attackers to cause a denial of service (J-Web crash) via unspecified vectors.

5.0
2016-01-15 CVE-2016-1256 Juniper Resource Management Errors vulnerability in Juniper Junos

Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R7, 14.1 before 14.1R5, 14.1X53 before 14.1X53-D18 or 14.1X53-D30, 14.1X55 before 14.1X55-D25, 14.2 before 14.2R4, 15.1 before 15.1R2, and 15.1X49 before 15.1X49-D10 allow remote attackers to cause a denial of service via a malformed IGMPv3 packet, aka a "multicast denial of service."

5.0
2016-01-15 CVE-2016-0855 Advantech Path Traversal vulnerability in Advantech Webaccess

Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors.

5.0
2016-01-15 CVE-2016-0853 Advantech Information Exposure vulnerability in Advantech Webaccess

Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input.

5.0
2016-01-15 CVE-2016-0852 Advantech Permissions, Privileges, and Access Controls vulnerability in Advantech Webaccess

Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors.

5.0
2016-01-15 CVE-2015-8280 Samsung Information Exposure vulnerability in Samsung web Viewer 1.0.0.193

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages.

5.0
2016-01-15 CVE-2015-8279 Samsung Permissions, Privileges, and Access Controls vulnerability in Samsung web Viewer 1.0.0.193

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script.

5.0
2016-01-15 CVE-2015-3943 Advantech Information Exposure vulnerability in Advantech Webaccess

Advantech WebAccess before 8.1 allows remote attackers to read sensitive cleartext information about e-mail project accounts via unspecified vectors.

5.0
2016-01-13 CVE-2016-1494 Python, Fedoraproject, Opensuse Improper Input Validation vulnerability in multiple products

The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack.

5.0
2016-01-12 CVE-2016-1232 Prosody, Fedoraproject, Debian

The mod_dialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoof servers via a brute force attack.

5.0
2016-01-12 CVE-2015-8672 Huawei Data Processing Errors vulnerability in Huawei Te60 Firmware

The presentation transmission permission management mechanism in Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 allows remote attackers to cause a denial of service (wired presentation outage) via unspecified vectors involving a wireless presentation.

5.0
2016-01-12 CVE-2015-5471 Swim Team Project Path Traversal vulnerability in Swim Team Project Swim Team 1.44.10777

Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.10777 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter.

5.0
2016-01-12 CVE-2015-4703 Rename Project Path Traversal vulnerability in Rename Project Rename 1.0

Absolute path traversal vulnerability in mysqldump_download.php in the WordPress Rename plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the dumpfname parameter.

5.0
2016-01-11 CVE-2015-7399 IBM Information Exposure vulnerability in IBM Integration BUS and Websphere Message Broker

IBM WebSphere Message Broker 7 before 7.0.0.8 and 8 before 8.0.0.6 and IBM Integration Bus 9 before 9.0.0.3 and 10 before 10.0.0.0 allow remote attackers to obtain sensitive information about the HTTP server via unspecified vectors.

5.0
2016-01-12 CVE-2015-8673 Huawei Credentials Management vulnerability in Huawei products

Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 do not require entry of the old password when changing the password for the Debug account, which allows physically proximate attackers to change the password by leveraging an unattended workstation.

4.6
2016-01-16 CVE-2016-1294 Cisco Cross-site Scripting vulnerability in Cisco Firesight System Software 6.0.1

Cross-site scripting (XSS) vulnerability in the Management Center in Cisco FireSIGHT System Software 6.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted cookie, aka Bug ID CSCuw89094.

4.3
2016-01-16 CVE-2016-1293 Cisco Cross-site Scripting vulnerability in Cisco Firesight System Software 6.0.0/6.0.1

Multiple cross-site scripting (XSS) vulnerabilities in the Management Center in Cisco FireSIGHT System Software 6.0.0 and 6.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCux40414.

4.3
2016-01-16 CVE-2016-1133 Dena Unspecified vulnerability in Dena H2O 1.7.0

CRLF injection vulnerability in the on_req function in lib/handler/redirect.c in H2O before 1.6.2 and 1.7.x before 1.7.0-beta3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URI.

4.3
2016-01-15 CVE-2016-1911 SAP Cross-site Scripting vulnerability in SAP Netweaver 7.40

Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) Runtime Workbench (RWB) or (2) Pmitest servlet in the Process Monitoring Infrastructure (PMI), aka SAP Security Notes 2206793 and 2234918.

4.3
2016-01-15 CVE-2016-1262 Juniper Improper Input Validation vulnerability in Juniper Junos

Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attackers to cause a denial of service (flowd crash) via a crafted RTSP packet.

4.3
2016-01-15 CVE-2016-1257 Juniper Improper Input Validation vulnerability in Juniper Junos

The Routing Engine in Juniper Junos OS 13.2R5 through 13.2R8, 13.3R1 before 13.3R8, 13.3R7 before 13.3R7-S3, 14.1R1 before 14.1R6, 14.1R3 before 14.1R3-S9, 14.1R4 before 14.1R4-S7, 14.1X51 before 14.1X51-D65, 14.1X53 before 14.1X53-D12, 14.1X53 before 14.1X53-D28, 14.1X53 before 4.1X53-D35, 14.2R1 before 14.2R5, 14.2R3 before 14.2R3-S4, 14.2R4 before 14.2R4-S1, 15.1 before 15.1R3, 15.1F2 before 15.1F2-S2, and 15.1X49 before 15.1X49-D40, when LDP is enabled, allows remote attackers to cause a denial of service (RPD routing process crash) via a crafted LDP packet.

4.3
2016-01-15 CVE-2015-8749 Openstack Information Exposure vulnerability in Openstack Nova

The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow attackers to obtain sensitive password information by reading log files or other unspecified vectors.

4.3
2016-01-15 CVE-2015-8685 Dolibarr Cross-site Scripting vulnerability in Dolibarr

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) external calendar url or (2) the bank name field in the "import external calendar" page.

4.3
2016-01-15 CVE-2016-1898 Ffmpeg, Canonical, Opensuse Information Exposure vulnerability in multiple products

FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file.

4.3
2016-01-15 CVE-2016-1897 Ffmpeg, Canonical, Opensuse Information Exposure vulnerability in multiple products

FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.

4.3
2016-01-15 CVE-2015-6423 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Adaptive Security Appliance Software

The DCERPC Inspection implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 through 9.5.1 allows remote authenticated users to bypass an intended DCERPC-only ACL by sending arbitrary network traffic, aka Bug ID CSCuu67782.

4.3
2016-01-13 CVE-2016-0032 Microsoft Cross-site Scripting vulnerability in Microsoft Exchange Server 2013/2016

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, 2013 Cumulative Update 11, and 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability."

4.3
2016-01-13 CVE-2016-0031 Microsoft Cross-site Scripting vulnerability in Microsoft Exchange Server 2016

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability," a different vulnerability than CVE-2016-0029.

4.3
2016-01-13 CVE-2016-0030 Microsoft Cross-site Scripting vulnerability in Microsoft Exchange Server 2013/2016

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, and 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability."

4.3
2016-01-13 CVE-2016-0029 Microsoft Cross-site Scripting vulnerability in Microsoft Exchange Server 2016

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability," a different vulnerability than CVE-2016-0031.

4.3
2016-01-13 CVE-2016-0012 Microsoft Information Exposure vulnerability in Microsoft products

Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office 2016, Excel 2016, PowerPoint 2016, Visio 2016, Word 2016, and Visual Basic 6.0 Runtime allow remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "Microsoft Office ASLR Bypass."

4.3
2016-01-13 CVE-2016-0008 Microsoft Information Exposure vulnerability in Microsoft products

The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "Windows GDI32.dll ASLR Bypass Vulnerability."

4.3
2016-01-13 CVE-2016-0005 Microsoft Improper Input Validation vulnerability in Microsoft Internet Explorer 10/11/9

Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability."

4.3
2016-01-13 CVE-2015-6117 Microsoft Cross-site Scripting vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature Bypass," a different vulnerability than CVE-2016-0011.

4.3
2016-01-12 CVE-2016-1231 Fedoraproject, Prosody, Debian Path Traversal vulnerability in multiple products

Directory traversal vulnerability in the HTTP file-serving module (mod_http_files) in Prosody 0.9.x before 0.9.9 allows remote attackers to read arbitrary files via a ..

4.3
2016-01-12 CVE-2015-7759 F5 Improper Input Validation vulnerability in F5 products

BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP profile for a virtual server is configured with Congestion Metrics Cache enabled, allow remote attackers to cause a denial of service (Traffic Management Microkernel (TMM) restart) via crafted ICMP packets, related to Path MTU (PMTU) discovery.

4.3
2016-01-12 CVE-2015-8400 Fedoraproject, Shellinabox Project 7PK - Security Features vulnerability in multiple products

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.

4.3
2016-01-12 CVE-2015-7242 AVM Cross-site Scripting vulnerability in AVM Fritz! OS 6.23

Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message.

4.3
2016-01-12 CVE-2015-4671 Opencart Cross-site Scripting vulnerability in Opencart

Cross-site scripting (XSS) vulnerability in OpenCart before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the zone_id parameter to index.php.

4.3
2016-01-11 CVE-2015-7706 SSP Europe Cross-site Scripting vulnerability in Ssp-Europe Secure Data Space 3.4.14

Multiple cross-site scripting (XSS) vulnerabilities in Secure Data Space SDS-API before 3.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to api/v3/public/shares/downloads/, the (2) authType parameter to api/v3/auth/login, or the (3) login parameter to api/v3/auth/reset_password.

4.3
2016-01-17 CVE-2015-7469 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Jazz Reporting Service

Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to bypass intended read-only restrictions by leveraging a JazzGuest role.

4.0
2016-01-17 CVE-2015-7468 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Jazz Reporting Service

Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to bypass intended restrictions on administrator tasks via unspecified vectors.

4.0
2016-01-13 CVE-2016-1569 Firebirdsql Improper Input Validation vulnerability in Firebirdsql Firebird 2.5.5

FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter.

4.0
2016-01-11 CVE-2015-8335 Huawei Information Exposure vulnerability in Huawei Vcn500 V100R002C00Spc200/V100R002C00Spc200B010

Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows remote authenticated users to obtain sensitive information by triggering log generation and then reading the log.

4.0

11 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2016-01-17 CVE-2015-7467 IBM Cross-site Scripting vulnerability in IBM Jazz Reporting Service

Cross-site scripting (XSS) vulnerability in Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5
2016-01-17 CVE-2015-7414 IBM Cross-site Scripting vulnerability in IBM Infosphere Master Data Management

Cross-site scripting (XSS) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5
2016-01-17 CVE-2015-4960 IBM 7PK - Security Features vulnerability in IBM Infosphere Master Data Management

IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.

3.5
2016-01-15 CVE-2016-1913 Redhen Project Cross-site Scripting vulnerability in Redhen Project Redhen

Multiple cross-site scripting (XSS) vulnerabilities in the Redhen module 7.x-1.x before 7.x-1.11 for Drupal allow remote authenticated users with certain access to inject arbitrary web script or HTML via unspecified vectors, related to (1) individual contacts, (2) notes, or (3) engagement scores.

3.5
2016-01-15 CVE-2016-1912 Dolibarr Cross-site Scripting vulnerability in Dolibarr

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 allow remote authenticated users to inject arbitrary web script or HTML via the (1) lastname, (2) firstname, (3) email, (4) job, or (5) signature parameter to htdocs/user/card.php.

3.5
2016-01-15 CVE-2015-3948 Advantech Cross-site Scripting vulnerability in Advantech Webaccess

Cross-site scripting (XSS) vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2016-01-13 CVE-2016-0011 Microsoft Cross-site Scripting vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft SharePoint Security Feature Bypass," a different vulnerability than CVE-2015-6117.

3.5
2016-01-12 CVE-2015-8603 S9Y Cross-site Scripting vulnerability in S9Y Serendipity

Cross-site scripting (XSS) vulnerability in Serendipity before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the serendipity[entry_id] parameter in an "edit" admin action to serendipity_admin.php.

3.5
2016-01-17 CVE-2015-4958 IBM Information Exposure vulnerability in IBM Infosphere Master Data Management

IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 does not properly restrict browser caching, which allows local users to obtain sensitive information by reading cache files.

2.1
2016-01-15 CVE-2015-8675 Huawei Credentials Management vulnerability in Huawei S5300 Firmware V200R005C02

Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proximate attackers to obtain sensitive password information by reading the display.

2.1
2016-01-12 CVE-2015-7548 Openstack Information Exposure vulnerability in Openstack Nova

OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot.

2.1