Weekly Vulnerabilities Reports > January 25 to 31, 2016
Overview
89 new vulnerabilities were reported during this period, including 12 critical vulnerabilities and 21 high severity vulnerabilities. This weekly summary reports vulnerabilities in 184 products from 43 vendors, including Mozilla, Opensuse, Google, Cisco, and Kddi. The most common vulnerability categories are "Cross-site Scripting", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", and "7PK - Security Features".
- 82 reported vulnerabilities are remotely exploitable.
- 2 reported vulnerabilities have a public exploit available.
- 23 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 82 reported vulnerabilities are exploitable by an anonymous user.
- Mozilla has the most reported vulnerabilities, with 16 reported vulnerabilities.
- Mozilla has the most reported critical vulnerabilities, with 5 reported vulnerabilities.
Vulnerability Details
The following tables list the vulnerabilities reported for the period covered by this report:
12 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-01-31 | CVE-2016-1946 | Opensuse Mozilla | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox before 44.0 does not limit the size of read operations, which might allow remote attackers to cause a denial of service (integer overflow and buffer overflow) or possibly have unspecified other impact via crafted metadata. | 10.0 |
2016-01-31 | CVE-2016-1944 | Mozilla Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozilla Firefox before 44.0, might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | 10.0 |
2016-01-31 | CVE-2016-1931 | Mozilla Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data compression, and other vectors. | 10.0 |
2016-01-30 | CVE-2016-1985 | HP Microsoft | Code Injection vulnerability in HP Operations Manager HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | 10.0 |
2016-01-28 | CVE-2016-0868 | Rockwellautomation | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation products Stack-based buffer overflow on Rockwell Automation Allen-Bradley MicroLogix 1100 devices A through 15.000 and B before 15.002 allows remote attackers to execute arbitrary code via a crafted web request. | 10.0 |
2016-01-27 | CVE-2015-6319 | Cisco | SQL Injection vulnerability in Cisco RV Series Router Firmware SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows remote attackers to execute arbitrary SQL commands via a crafted header in an HTTP request, aka Bug ID CSCuv29574. | 10.0 |
2016-01-27 | CVE-2016-1896 | Lexmark | Permissions, Privileges, and Access Controls vulnerability in Lexmark Printer Firmware Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status. | 10.0 |
2016-01-31 | CVE-2016-1930 | Mozilla Oracle Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 9.8 |
2016-01-25 | CVE-2016-2051 | Google Redhat | Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 9.8 |
2016-01-31 | CVE-2016-1945 | Mozilla Opensuse | Memory Corruption and Integer Overflow vulnerability in Mozilla Firefox The nsZipArchive function in Mozilla Firefox before 44.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive. | 9.3 |
2016-01-30 | CVE-2015-7923 | Westermo | Cryptographic Issues vulnerability in Westermo Weos 4.18.0 Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key. | 9.3 |
2016-01-29 | CVE-2015-8789 | Matroska | Unspecified vulnerability in Matroska Libebml 1.3.2 Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document. | 9.3 |
21 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-01-31 | CVE-2016-1935 | Opensuse Oracle Mozilla | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content. | 8.8 |
2016-01-25 | CVE-2016-1620 | | Unspecified vulnerability in Google Chrome Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 8.8 |
2016-01-29 | CVE-2015-8772 | Mcafee | Data Processing Errors vulnerability in Mcafee File Lock 5.0 McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a large VERIFY_INFORMATION.Length value in an IOCTL_DISK_VERIFY ioctl call. | 8.5 |
2016-01-30 | CVE-2016-1145 | NEC | Path Traversal vulnerability in NEC Expresscluster X 3.3 Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER X through 3.3 11.31 on Windows and through 3.3 3.3.1-1 on Linux and Solaris allows remote attackers to read arbitrary files via unspecified vectors. | 7.8 |
2016-01-30 | CVE-2016-0867 | Carel | Information Exposure vulnerability in Carel Plantvisor Enhanced CAREL PlantVisorEnhanced allows remote attackers to bypass intended access restrictions via a direct file request. | 7.8 |
2016-01-30 | CVE-2016-1303 | Cisco | Improper Input Validation vulnerability in Cisco 500 Series Switch Firmware 1.2.0.92 The web GUI on Cisco Small Business 500 devices 1.2.0.92 allows remote attackers to cause a denial of service via a crafted HTTP request, aka Bug ID CSCul65330. | 7.8 |
2016-01-29 | CVE-2015-8773 | Mcafee | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mcafee File Lock 5.0 Stack-based buffer overflow in McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows attackers to cause a denial of service (system crash) via a long vault GUID in an ioctl call. | 7.8 |
2016-01-29 | CVE-2016-1882 | Freebsd | Data Processing Errors vulnerability in Freebsd 10.1/10.2/9.3 FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9 allow remote attackers to cause a denial of service (kernel crash) via vectors related to creating a TCP connection with the TCP_MD5SIG and TCP_NOOPT socket options. | 7.8 |
2016-01-29 | CVE-2016-1879 | Freebsd | Denial of Service vulnerability in Freebsd 10.1/10.2/9.3 The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service (assertion failure or NULL pointer dereference and kernel panic) via a crafted ICMPv6 packet. | 7.8 |
2016-01-27 | CVE-2015-6421 | Cisco | Resource Management Errors vulnerability in Cisco Wide Area Application Services cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service (resource consumption and device reload) via crafted network traffic, aka Bug ID CSCus85330. | 7.8 |
2016-01-29 | CVE-2016-1493 | Intel | Insufficient Verification of Data Authenticity vulnerability in Intel Driver Update Utility Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file. | 7.6 |
2016-01-25 | CVE-2016-2052 | Harfbuzz Project | Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947. | 7.6 |
2016-01-25 | CVE-2016-1619 | | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted PDF document. | 7.6 |
2016-01-25 | CVE-2016-1613 | | Unspecified vulnerability in Google Chrome Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to improper tracking of the destruction of (1) IPWL_FocusHandler and (2) IPWL_Provider objects. | 7.6 |
2016-01-25 | CVE-2016-1612 | | Improper Input Validation vulnerability in Google Chrome The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0.2564.82, does not ensure receiver compatibility before performing a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact via crafted JavaScript code. | 7.6 |
2016-01-29 | CVE-2016-0738 | Openstack | Resource Management Errors vulnerability in Openstack Swift OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x before 2.5.1 (Liberty) do not properly close server connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series of interrupted requests to a Large Object URL. | 7.5 |
2016-01-29 | CVE-2016-0737 | Openstack | Resource Management Errors vulnerability in Openstack Swift OpenStack Object Storage (Swift) before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series of interrupted requests to a Large Object URL. | 7.5 |
2016-01-29 | CVE-2015-7521 | Apache | Improper Authentication vulnerability in Apache Hive The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0 and 1.2.1, on clusters protected by Ranger and SqlStdHiveAuthorization, allows attackers to bypass intended parent table access restrictions via unspecified partition-level operations. | 7.5 |
2016-01-27 | CVE-2015-8618 | Opensuse Golang | Information Exposure vulnerability in multiple products The Int.Exp Montgomery code in the math/big library in Go 1.5.x before 1.5.3 mishandles carry propagation and produces incorrect output, which makes it easier for attackers to obtain private RSA keys via unspecified vectors. | 7.5 |
2016-01-26 | CVE-2016-1233 | Debian | Permissions, Privileges, and Access Controls vulnerability in Debian Fuse 2.9.314 An unspecified udev rule in the Debian fuse package in jessie before 2.9.3-15+deb8u2, in stretch before 2.9.5-1, and in sid before 2.9.5-1 sets world-writable permissions for the /dev/cuse character device, which allows local users to gain privileges via a character device in /dev, related to an ioctl. | 7.2 |
2016-01-26 | CVE-2016-0869 | Microsys | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsys Promotic 8.0.10/8.3.10 Heap-based buffer overflow in MICROSYS PROMOTIC before 8.3.11 allows remote authenticated users to cause a denial of service via a malformed HTML document. | 7.1 |
51 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-01-30 | CVE-2016-1139 | Kddi | Cross-Site Request Forgery (CSRF) vulnerability in Kddi Home Spot Cube Firmware 2.0 Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2016-01-26 | CVE-2016-1567 | Tuxfamily | 7PK - Security Features vulnerability in Tuxfamily Chrony chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key." | 6.8 |
2016-01-26 | CVE-2015-8379 | Cakephp | Cross-Site Request Forgery (CSRF) vulnerability in Cakephp CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the _method parameter. | 6.8 |
2016-01-30 | CVE-2016-1141 | Kddi | OS Command Injection vulnerability in Kddi Home Spot Cube Firmware 2.0 KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS commands via unspecified vectors. | 6.5 |
2016-01-25 | CVE-2016-1618 | | Information Exposure vulnerability in Google Chrome Blink, as used in Google Chrome before 48.0.2564.82, does not ensure that a proper cryptographicallyRandomValues random number generator is used, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. | 6.5 |
2016-01-25 | CVE-2016-1615 | | 7PK - Security Features vulnerability in Google Chrome The Omnibox implementation in Google Chrome before 48.0.2564.82 allows remote attackers to spoof a document's origin via unspecified vectors. | 6.5 |
2016-01-31 | CVE-2016-1938 | Opensuse Mozilla | Cryptographic Issues vulnerability in multiple products The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function. | 6.4 |
2016-01-29 | CVE-2015-8770 | Roundcube | Path Traversal vulnerability in Roundcube Webmail Directory traversal vulnerability in the set_skin function in program/include/rcmail_output_html.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. | 6.0 |
2016-01-30 | CVE-2016-1137 | Kddi | Unspecified vulnerability in Kddi Home Spot Cube Firmware 2.0 Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 5.8 |
2016-01-26 | CVE-2016-1491 | Lenovo | Credentials Management vulnerability in Lenovo Shareit 2.5.1.1 The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area. | 5.4 |
2016-01-31 | CVE-2016-1940 | Google Mozilla | Code vulnerability in multiple products Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandled during (1) shortcut opening or (2) BOOKMARK intent processing. | 5.0 |
2016-01-31 | CVE-2016-1939 | Opensuse Mozilla | Information Exposure vulnerability in multiple products Mozilla Firefox before 44.0 stores cookies with names containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers. | 5.0 |
2016-01-29 | CVE-2016-0756 | Prosody | Improper Input Validation vulnerability in Prosody The generate_dialback function in the mod_dialback module in Prosody before 0.9.10 does not properly separate fields when generating dialback keys, which allows remote attackers to spoof XMPP network domains via a crafted stream id and domain name that is included in the target domain as a suffix. | 5.0 |
2016-01-29 | CVE-2016-0755 | Haxx Canonical Debian | Improper Authentication vulnerability in multiple products The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015. | 5.0 |
2016-01-29 | CVE-2016-0754 | Haxx Microsoft | Improper Input Validation vulnerability in Haxx Curl cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name. | 5.0 |
2016-01-29 | CVE-2015-8792 | Matroska Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access. | 5.0 |
2016-01-29 | CVE-2015-7464 | IBM | Denial of Service vulnerability in IBM Jazz Reporting Service Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote attackers to cause a denial of service (Report Builder server outage) via a crafted request to a Report Builder instance URL. | 5.0 |
2016-01-27 | CVE-2016-1299 | Cisco | Resource Management Errors vulnerability in Cisco 300 Series Managed Switch Firmware 1.4.1 The web-management GUI implementation on Cisco Small Business SG300 devices 1.4.1.x allows remote attackers to cause a denial of service (HTTPS outage) via crafted HTTPS requests, aka Bug ID CSCuw87174. | 5.0 |
2016-01-27 | CVE-2016-1983 | Privoxy | Improper Input Validation vulnerability in Privoxy The client_host function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header. | 5.0 |
2016-01-27 | CVE-2016-1982 | Privoxy | Improper Input Validation vulnerability in Privoxy The remove_chunked_transfer_coding function in filters.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via crafted chunk-encoded content. | 5.0 |
2016-01-27 | CVE-2015-7487 | IBM | Information Exposure vulnerability in IBM products IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX002, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 IFIX002, 7.5.1, and 7.6.0 before 7.6.0.3 IFIX001 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allow local users to obtain sensitive information by leveraging administrative privileges and reading log files. | 4.9 |
2016-01-31 | CVE-2016-1948 | Google Mozilla | Cryptographic Issues vulnerability in multiple products Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modifying the client-server data stream. | 4.3 |
2016-01-31 | CVE-2016-1947 | Canonical Opensuse Mozilla | Data Processing Errors vulnerability in multiple products Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data. | 4.3 |
2016-01-31 | CVE-2016-1943 | Opensuse Mozilla | Code vulnerability in multiple products Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method. | 4.3 |
2016-01-31 | CVE-2016-1942 | Opensuse Mozilla | Improper Input Validation vulnerability in multiple products Mozilla Firefox before 44.0 allows user-assisted remote attackers to spoof a trailing substring in the address bar by leveraging a user's paste of a (1) wyciwyg: URI or (2) resource: URI. | 4.3 |
2016-01-31 | CVE-2016-1941 | Apple Mozilla | Cross-site Scripting vulnerability in multiple products The file-download dialog in Mozilla Firefox before 44.0 on OS X enables a certain button too quickly, which allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended. | 4.3 |
2016-01-31 | CVE-2016-1937 | Mozilla Opensuse | Cross-site Scripting vulnerability in multiple products The protocol-handler dialog in Mozilla Firefox before 44.0 allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended. | 4.3 |
2016-01-31 | CVE-2016-1933 | Opensuse Mozilla | Numeric Errors vulnerability in multiple products Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted GIF image. | 4.3 |
2016-01-30 | CVE-2016-1143 | Vine MV Project | Cross-site Scripting vulnerability in Vine MV Project Vine MV 20150909 Cross-site scripting (XSS) vulnerability in main.rb in Vine MV before 2015-11-08 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2016-01-30 | CVE-2016-1140 | Kddi | 7PK - Security Features vulnerability in Kddi Home Spot Cube Firmware 2.0 KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via unspecified vectors. | 4.3 |
2016-01-30 | CVE-2016-1138 | Kddi | Unspecified vulnerability in Kddi Home Spot Cube Firmware 2.0 CRLF injection vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to inject arbitrary HTTP headers via unspecified vectors. | 4.3 |
2016-01-30 | CVE-2016-1488 | Siemens | Cross-site Scripting vulnerability in Siemens Ozw672 Firmware and Ozw772 Firmware Cross-site scripting (XSS) vulnerability in the login form in the integrated web server on Siemens OZW OZW672 devices before 6.00 and OZW772 devices before 6.00 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2016-01-30 | CVE-2016-1304 | Cisco | Cross-site Scripting vulnerability in Cisco Unity Connection 10.5(2.3009) Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 10.5(2.3009) allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux82596. | 4.3 |
2016-01-29 | CVE-2015-8793 | Roundcube | Cross-site Scripting vulnerability in Roundcube Webmail Cross-site scripting (XSS) vulnerability in program/include/rcmail.php in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the _mbox parameter in a mail task to the default URL, a different vulnerability than CVE-2011-2937. | 4.3 |
2016-01-29 | CVE-2015-8791 | Matroska | Information Exposure vulnerability in Matroska Libebml 1.3.2 The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access. | 4.3 |
2016-01-29 | CVE-2015-8790 | Matroska | Information Exposure vulnerability in Matroska Libebml 1.3.2 The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access. | 4.3 |
2016-01-27 | CVE-2016-1300 | Cisco | Cross-site Scripting vulnerability in Cisco Unity Connection 10.5(2.3009) Cross-site scripting (XSS) vulnerability in Cisco Unity Connection (UC) 10.5(2.3009) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux82582. | 4.3 |
2016-01-27 | CVE-2016-2047 | Mariadb Oracle Opensuse Redhat Debian Canonical | 7PK - Security Features vulnerability in multiple products The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated by "/OU=/CN=bar.com/CN=foo.com." | 4.3 |
2016-01-27 | CVE-2016-1924 | Uclouvain | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Uclouvain Openjpeg The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image. | 4.3 |
2016-01-27 | CVE-2016-1923 | Uclouvain | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Uclouvain Openjpeg 2.1.0 Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image. | 4.3 |
2016-01-27 | CVE-2016-0209 | IBM | Cross-site Scripting vulnerability in IBM Websphere Portal 8.5.0.0 Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF09 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2016-01-27 | CVE-2015-7439 | IBM | Cross-site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in InfoSphere Data Architect (IDA), as distributed in IBM Rational Software Architect 8.5 through 9.5, Rational Software Architect for WebSphere Software (RSA4WS) 8.5 through 9.5, and Rational Software Architect RealTime (RSART) 8.5 through 9.5, allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2016-01-26 | CVE-2016-1926 | Greenbone Fedoraproject | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the charts module in Greenbone Security Assistant (GSA) 6.x before 6.0.8 allows remote attackers to inject arbitrary web script or HTML via the aggregate_type parameter in a get_aggregate command to omp. | 4.3 |
2016-01-26 | CVE-2016-1489 | Lenovo | Information Exposure vulnerability in Lenovo Shareit 2.5.1.1/3.0.18Ww Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors. | 4.3 |
2016-01-26 | CVE-2016-1298 | Cisco | Cross-site Scripting vulnerability in Cisco Unified Contact Center Express Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Contact Center Express 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via vectors related to permalinks, aka Bug ID CSCux92033. | 4.3 |
2016-01-26 | CVE-2015-6337 | Cisco | Cross-site Scripting vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module 1.0.10/1.0Ga Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0.10 allows remote attackers to inject arbitrary web script or HTML via a crafted hostname in an SNMP response, aka Bug ID CSCuw47238. | 4.3 |
2016-01-25 | CVE-2016-1617 | | Information Exposure vulnerability in Google Chrome The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 48.0.2564.82, does not apply http policies to https URLs and does not apply ws policies to wss URLs, which makes it easier for remote attackers to determine whether a specific HSTS web site has been visited by reading a CSP report. | 4.3 |
2016-01-25 | CVE-2016-1616 | | 7PK - Security Features vulnerability in Google Chrome The CustomButton::AcceleratorPressed function in ui/views/controls/button/custom_button.cc in Google Chrome before 48.0.2564.82 allows remote attackers to spoof URLs via vectors involving an unfocused custom button. | 4.3 |
2016-01-25 | CVE-2016-1614 | | Information Exposure vulnerability in Google Chrome The UnacceleratedImageBufferSurface class in WebKit/Source/platform/graphics/UnacceleratedImageBufferSurface.cpp in Blink, as used in Google Chrome before 48.0.2564.82, mishandles the initialization mode, which allows remote attackers to obtain sensitive information from process memory via a crafted web site. | 4.3 |
2016-01-29 | CVE-2015-8794 | Roundcube | Path Traversal vulnerability in Roundcube Webmail 1.1.0/1.1.1 Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the _alt parameter, related to contact photo handling. | 4.0 |
2016-01-26 | CVE-2015-7974 | NTP Siemens Netapp Debian | Improper Authentication vulnerability in multiple products NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key." | 4.0 |
5 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-01-30 | CVE-2016-1144 | Websquare | Cross-site Scripting vulnerability in Websquare Job-Cube Cross-site scripting (XSS) vulnerability in JOB-CUBE -JOB WEB SYSTEM before 1.2.2 and -JOB WEB SYSTEM High Income 1.0.6 and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2016-01-30 | CVE-2016-1136 | Kddi | Cross-site Scripting vulnerability in Kddi Home Spot Cube Firmware 2.0 Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2016-01-26 | CVE-2016-1492 | Lenovo | Improper Access Control vulnerability in Lenovo Shareit 3.0.18Ww The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area. | 2.9 |
2016-01-26 | CVE-2016-1490 | Lenovo | Information Exposure vulnerability in Lenovo Shareit 2.5.1.1 The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list. | 2.7 |
2016-01-27 | CVE-2015-7488 | IBM | Information Exposure vulnerability in IBM Spectrum Scale IBM Spectrum Scale 4.1.1.x before 4.1.1.4 and 4.2.x before 4.2.0.1, in certain LDAP File protocol configurations, allows remote attackers to discover an LDAP password via unspecified vectors. | 2.1 |