Weekly Vulnerabilities Reports > February 15 to 21, 2016
Overview
103 new vulnerabilities reported during this period, including 12 critical vulnerabilities and 26 high severity vulnerabilities. This weekly summary report vulnerabilities in 95 products from 41 vendors including IBM, Cybozu, Opensuse, Debian, and Fedoraproject. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "Permissions, Privileges, and Access Controls", "Improper Input Validation", and "7PK - Security Features".
- 95 reported vulnerabilities are remotely exploitables.
- 16 reported vulnerabilities have public exploit available.
- 34 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 76 reported vulnerabilities are exploitable by an anonymous user.
- IBM has the most reported vulnerabilities, with 18 reported vulnerabilities.
- Opensuse has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
12 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-02-21 | CVE-2015-7425 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM products The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.4 and Tivoli Storage FlashCopy Manager for VMware (aka Spectrum Protect Snapshot) 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.4 allows remote attackers to obtain administrative privileges via a crafted URL that triggers back-end function execution. | 10.0 |
2016-02-17 | CVE-2016-2396 | Sonicwall | Command Injection vulnerability in Sonicwall products The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input. | 9.9 |
2016-02-21 | CVE-2016-1629 | Google Novell Opensuse Debian | Permissions, Privileges, and Access Controls vulnerability in multiple products Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy and a sandbox protection mechanism via unspecified vectors. | 9.8 |
2016-02-21 | CVE-2016-2275 | Advantech | Improper Access Control vulnerability in Advantech Vesp211-232 Firmware and Vesp211-Eu Firmware The web interface on Advantech/B+B SmartWorx VESP211-EU devices with firmware 1.7.2 and VESP211-232 devices with firmware 1.5.1 and 1.7.2 relies on the client to implement access control, which allows remote attackers to perform administrative actions via modified JavaScript code. | 9.8 |
2016-02-18 | CVE-2015-8286 | Zhuhai | 7PK - Security Features vulnerability in Zhuhai Raysharp Firmware Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers to obtain access via a session on TCP port 23 or 9000. | 9.8 |
2016-02-17 | CVE-2016-2397 | Sonicwall | Command Injection vulnerability in Sonicwall products The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data. | 9.8 |
2016-02-17 | CVE-2016-2071 | Citrix | Permissions, Privileges, and Access Controls vulnerability in Citrix Netscaler 10.5/10.5E/11.0 Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, and 10.5.e before Build 59.1305.e allows remote attackers to gain privileges via unspecified NS Web GUI commands. | 9.8 |
2016-02-16 | CVE-2016-2386 | SAP | SQL Injection vulnerability in SAP Netweaver Application Server Java 7.40 SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079. | 9.8 |
2016-02-15 | CVE-2016-0746 | F5 Canonical Debian Opensuse Apple | Use After Free vulnerability in multiple products Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing. | 9.8 |
2016-02-15 | CVE-2016-2231 | Huawei | Data Processing Errors vulnerability in Huawei Mt882 Firmware V200R002B022 The Windows-based Host Interface Program (WHIP) service on Huawei SmartAX MT882 devices V200R002B022 Arg relies on the client to send a length field that is consistent with a buffer size, which allows remote attackers to cause a denial of service (device outage) or possibly have unspecified other impact via crafted traffic on TCP port 8701. | 9.8 |
2016-02-19 | CVE-2016-1154 | Cuore | SQL Injection vulnerability in Cuore Ec-Cube Help Plugin SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 9.1 |
2016-02-18 | CVE-2015-8151 | Symantec | OS Command Injection vulnerability in Symantec Encryption Management Server 3.3.2 Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access. | 9.1 |
26 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-02-18 | CVE-2016-0069 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer 10/11/9 Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0068. | 8.8 |
2016-02-18 | CVE-2016-0068 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer 10/11/9 Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0069. | 8.8 |
2016-02-17 | CVE-2016-0766 | Postgresql Canonical Debian | Permissions, Privileges, and Access Controls vulnerability in multiple products PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors. | 8.8 |
2016-02-17 | CVE-2016-1151 | Cybozu | Cross-Site Request Forgery (CSRF) vulnerability in Cybozu Office Multiple cross-site request forgery (CSRF) vulnerabilities in Cybozu Office 9.9.0 through 10.3.0 allow remote attackers to hijack the authentication of arbitrary users. | 8.8 |
2016-02-15 | CVE-2015-5050 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Emptoris Contract Management Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 8.8 |
2016-02-18 | CVE-2015-7547 | Debian Canonical HP Sophos Suse Opensuse Oracle F5 Redhat GNU | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. | 8.1 |
2016-02-18 | CVE-2015-8150 | Symantec | Permissions, Privileges, and Access Controls vulnerability in Symantec Encryption Management Server 3.3.2 Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root access by modifying a batch file. | 7.8 |
2016-02-18 | CVE-2016-0795 | Libreoffice Canonical | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document. | 7.8 |
2016-02-18 | CVE-2016-0794 | Libreoffice Canonical | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document. | 7.8 |
2016-02-20 | CVE-2016-2041 | Fedoraproject Phpmyadmin Opensuse | 7PK - Security Features vulnerability in multiple products libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences. | 7.5 |
2016-02-20 | CVE-2016-1927 | Phpmyadmin | 7PK - Security Features vulnerability in PHPmyadmin The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach. | 7.5 |
2016-02-19 | CVE-2016-1335 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco ASR 5000 Series Software The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previously used for an administrator's connection, aka Bug ID CSCux22492. | 7.5 |
2016-02-18 | CVE-2015-8149 | Symantec | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Symantec Encryption Management Server 3.3.2 The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted requests. | 7.5 |
2016-02-18 | CVE-2015-8148 | Symantec | Information Exposure vulnerability in Symantec Encryption Management Server 3.3.2 The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to obtain sensitive information about administrator accounts via a modified request. | 7.5 |
2016-02-17 | CVE-2016-0773 | Postgresql Canonical Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression. | 7.5 |
2016-02-16 | CVE-2016-2389 | SAP | Path Traversal vulnerability in SAP Netweaver 7.40 Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. | 7.5 |
2016-02-16 | CVE-2016-0752 | Rubyonrails Opensuse Suse Debian Redhat | Path Traversal vulnerability in multiple products Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. | 7.5 |
2016-02-16 | CVE-2016-0751 | Rubyonrails | Resource Management Errors vulnerability in Rubyonrails Ruby on Rails actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header. | 7.5 |
2016-02-16 | CVE-2015-7581 | Rubyonrails | Resource Management Errors vulnerability in Rubyonrails Rails actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service (superfluous caching and memory consumption) by leveraging an application's use of a wildcard controller route. | 7.5 |
2016-02-15 | CVE-2016-0742 | F5 Canonical Debian Opensuse Apple Redhat | NULL Pointer Dereference vulnerability in multiple products The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response. | 7.5 |
2016-02-15 | CVE-2015-5042 | IBM | Improper Input Validation vulnerability in IBM Emptoris Contract Management IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers to execute arbitrary code by including a crafted Flash file. | 7.5 |
2016-02-15 | CVE-2015-5012 | IBM | Cryptographic Issues vulnerability in IBM products The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. | 7.5 |
2016-02-15 | CVE-2015-5010 | IBM | 7PK - Security Features vulnerability in IBM products IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before 8.0.1.3 IF4, and 9.0 before 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. | 7.5 |
2016-02-17 | CVE-2015-8483 | Cybozu | Unspecified vulnerability in Cybozu Office Open redirect vulnerability in Cybozu Office 10.2.0 through 10.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. | 7.4 |
2016-02-15 | CVE-2015-4956 | IBM | OS Command Injection vulnerability in IBM Qradar Security Information and Event Manager 7.1.0 The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to execute unspecified OS commands via unknown vectors. | 7.4 |
2016-02-15 | CVE-2015-7472 | IBM | Unspecified vulnerability in IBM Websphere Portal IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF10 allows remote attackers to conduct LDAP injection attacks, and consequently read or write to repository data, via unspecified vectors. | 7.2 |
62 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-02-19 | CVE-2016-2270 | Debian Fedoraproject XEN Oracle | Improper Input Validation vulnerability in multiple products Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings. | 6.8 |
2016-02-17 | CVE-2016-2398 | Comcast | 7PK - Security Features vulnerability in Comcast Xfinity Home Security System Comcast XFINITY Home Security System does not properly maintain base-station communication, which allows physically proximate attackers to defeat sensor functionality by interfering with ZigBee 2.4 GHz transmissions. | 6.5 |
2016-02-17 | CVE-2016-1333 | Cisco | Resource Management Errors vulnerability in Cisco IOS 15.5(3)M/15.6(1)T0A Cisco IOS 15.5(3)M and 15.6(1)T0a on Cisco 1000 Connected Grid routers allows remote authenticated users to cause a denial of service (device reload) via an SNMP request for unspecified BRIDGE MIB OIDs, aka Bug ID CSCux89878. | 6.5 |
2016-02-17 | CVE-2013-7447 | Canonical Samsung | Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large memory allocation. | 6.5 |
2016-02-17 | CVE-2016-1153 | Cybozu | Improper Input Validation vulnerability in Cybozu Office 10.3.0/9.9.0 customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service via unspecified vectors, a different vulnerability than CVE-2015-8489. | 6.5 |
2016-02-17 | CVE-2015-8489 | Cybozu | Improper Input Validation vulnerability in Cybozu Office customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service (excessive database locking) via a crafted CSV file, a different vulnerability than CVE-2016-1153. | 6.5 |
2016-02-15 | CVE-2016-1330 | Zzinc | Resource Management Errors vulnerability in Zzinc Keymouse Firmware 3.08 Cisco IOS 15.2(4)E on Industrial Ethernet 2000 devices allows remote attackers to cause a denial of service (device reload) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuy27746. | 6.5 |
2016-02-21 | CVE-2016-1628 | Google Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document, related to the opj_pi_next_rpcl, opj_pi_next_pcrl, and opj_pi_next_cprl functions. | 6.3 |
2016-02-19 | CVE-2015-7769 | Basercms | OS Command Injection vulnerability in Basercms baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors. | 6.3 |
2016-02-17 | CVE-2016-2072 | Citrix | 7PK - Security Features vulnerability in Citrix Netscaler The Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, 10.5.e before Build 59.1305.e, and 10.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | 6.1 |
2016-02-17 | CVE-2016-2046 | Sophos | Cross-site Scripting vulnerability in Sophos Unified Threat Management Software Cross-site scripting (XSS) vulnerability in the UserPortal page in SOPHOS UTM before 9.353 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | 6.1 |
2016-02-17 | CVE-2016-1150 | Cybozu | Cross-site Scripting vulnerability in Cybozu Office Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, and CVE-2016-1149. | 6.1 |
2016-02-17 | CVE-2016-1149 | Cybozu | Cross-site Scripting vulnerability in Cybozu Office Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, and CVE-2016-1150. | 6.1 |
2016-02-17 | CVE-2015-7798 | Cybozu | Cross-site Scripting vulnerability in Cybozu Office Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2016-1149, and CVE-2016-1150. | 6.1 |
2016-02-17 | CVE-2015-7797 | Cybozu | Cross-site Scripting vulnerability in Cybozu Office Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150. | 6.1 |
2016-02-17 | CVE-2015-7796 | Cybozu | Cross-site Scripting vulnerability in Cybozu Office Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7797, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150. | 6.1 |
2016-02-17 | CVE-2015-7795 | Cybozu | Cross-site Scripting vulnerability in Cybozu Office Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150. | 6.1 |
2016-02-16 | CVE-2016-2387 | SAP | Cross-site Scripting vulnerability in SAP Netweaver 7.40 Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) ns or (2) interface parameter to ProxyServer/register, aka SAP Security Note 2220571. | 6.1 |
2016-02-16 | CVE-2015-7580 | Rubyonrails | Cross-site Scripting vulnerability in Rubyonrails Html Sanitizer 1.0.0/1.0.1/1.0.2 Cross-site scripting (XSS) vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node. | 6.1 |
2016-02-16 | CVE-2015-7579 | Rubyonrails | Cross-site Scripting vulnerability in Rubyonrails Html Sanitizer 1.0.0/1.0.1/1.0.2 Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem 1.0.2 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via an HTML entity that is mishandled by the Rails::Html::FullSanitizer class. | 6.1 |
2016-02-16 | CVE-2015-7578 | Rubyonrails | Cross-site Scripting vulnerability in Rubyonrails Html Sanitizer 1.0.0/1.0.1/1.0.2 Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes. | 6.1 |
2016-02-15 | CVE-2016-1331 | SUN | Cross-site Scripting vulnerability in SUN Opensolaris Snv124 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 11.5(0.99833.5) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy10766. | 6.1 |
2016-02-15 | CVE-2015-8797 | Apache | Cross-site Scripting vulnerability in Apache Solr Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or HTML via the entry parameter to a plugins/cache URI. | 6.1 |
2016-02-15 | CVE-2015-8796 | Apache | Cross-site Scripting vulnerability in Apache Solr Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/schema-browser.js in the Admin UI in Apache Solr before 5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted schema-browse URL. | 6.1 |
2016-02-15 | CVE-2015-8795 | Apache | Cross-site Scripting vulnerability in Apache Solr Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled during the rendering of the (1) Analysis page, related to webapp/web/js/scripts/analysis.js or (2) Schema-Browser page, related to webapp/web/js/scripts/schema-browser.js. | 6.1 |
2016-02-15 | CVE-2015-8531 | IBM | Cross-site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 before 8.0.1.3 IF4 and 9.0 before 9.0.0.1 IF1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 6.1 |
2016-02-18 | CVE-2016-1987 | HP | Improper Input Validation vulnerability in HP Hp-Ux Ipfilter A.11.31.18.21 HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state configuration is enabled, allows remote attackers to cause a denial of service via unspecified UDP packets. | 5.9 |
2016-02-15 | CVE-2015-3197 | Oracle Openssl | Information Exposure vulnerability in multiple products ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. | 5.9 |
2016-02-15 | CVE-2016-1321 | Cisco | Information Exposure vulnerability in Cisco Universal Small Cell Firmware Cisco Universal Small Cell devices with firmware R2.12 through R3.5 contain an image-decryption key in flash memory, which allows remote attackers to bypass a certain certificate-validation feature and obtain sensitive firmware-image and IP address data via a request to an unspecified Cisco server, aka Bug ID CSCut98082. | 5.8 |
2016-02-19 | CVE-2016-1156 | Linecorp | Improper Input Validation vulnerability in Linecorp Line 4.3.0.724/4.3.1 LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X allows remote authenticated users to cause a denial of service (application crash) via a crafted post that is mishandled when displaying a Timeline. | 5.7 |
2016-02-19 | CVE-2016-2271 | XEN | Unspecified vulnerability in XEN 4.6.0/4.6.1 VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP. | 5.5 |
2016-02-20 | CVE-2016-2045 | Phpmyadmin Fedoraproject | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response. | 5.4 |
2016-02-20 | CVE-2016-2043 | Fedoraproject Opensuse Phpmyadmin | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a table name to the normalization page. | 5.4 |
2016-02-20 | CVE-2016-2040 | Fedoraproject Opensuse Phpmyadmin | Cross-site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) table name, (2) SET value, (3) search query, or (4) hostname in a Location header. | 5.4 |
2016-02-17 | CVE-2016-1152 | Cybozu | Permissions, Privileges, and Access Controls vulnerability in Cybozu Office Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions, and read or write to plan data, via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2015-8486. | 5.4 |
2016-02-17 | CVE-2015-8486 | Cybozu | Permissions, Privileges, and Access Controls vulnerability in Cybozu Office Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary report titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2016-1152. | 5.4 |
2016-02-17 | CVE-2015-8485 | Cybozu | Permissions, Privileges, and Access Controls vulnerability in Cybozu Office Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary posting titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8486, and CVE-2016-1152. | 5.4 |
2016-02-17 | CVE-2015-8484 | Cybozu | Permissions, Privileges, and Access Controls vulnerability in Cybozu Office Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended calendar-viewing restrictions via unspecified vectors, a different vulnerability than CVE-2015-8485, CVE-2015-8486, and CVE-2016-1152. | 5.4 |
2016-02-15 | CVE-2015-7492 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Master Data Management Reference Data Management Cross-site scripting (XSS) vulnerability in Reference Data Management (RDM) in IBM InfoSphere Master Data Management 10.1, 11.0 before FP5, 11.3, 11.4, and 11.5 before FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 5.4 |
2016-02-15 | CVE-2015-7398 | IBM | Cross-site Scripting vulnerability in IBM Emptoris Contract Management Cross-site scripting (XSS) vulnerability in IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 5.4 |
2016-02-15 | CVE-2015-4957 | IBM | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager 7.1.0 Cross-site scripting (XSS) vulnerability in the Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 5.4 |
2016-02-20 | CVE-2016-2044 | Fedoraproject Phpmyadmin | Information Exposure vulnerability in multiple products libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message. | 5.3 |
2016-02-20 | CVE-2016-2042 | Opensuse Fedoraproject Phpmyadmin | Information Exposure vulnerability in multiple products phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request to (1) libraries/phpseclib/Crypt/AES.php or (2) libraries/phpseclib/Crypt/Rijndael.php, which reveals the full path in an error message. | 5.3 |
2016-02-20 | CVE-2016-2039 | Opensuse Phpmyadmin Fedoraproject | Information Exposure vulnerability in multiple products libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value. | 5.3 |
2016-02-20 | CVE-2016-2038 | Phpmyadmin Fedoraproject Opensuse | Information Exposure vulnerability in multiple products phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message. | 5.3 |
2016-02-18 | CVE-2016-2509 | Belden | Information Exposure vulnerability in Belden Hirschmann Firmware and Hirschmann L2B The password-sync feature on Belden Hirschmann Classic Platform switches L2B before 05.3.07 and L2E, L2P, L3E, and L3P before 09.0.06 sets an SNMP community to the same string as the administrator password, which allows remote attackers to obtain sensitive information by sniffing the network. | 5.3 |
2016-02-18 | CVE-2015-5970 | Novell | Code Injection vulnerability in Novell Zenworks Configuration Management The ChangePassword RPC method in Novell ZENworks Configuration Management (ZCM) 11.3 and 11.4 allows remote attackers to conduct XPath injection attacks, and read arbitrary text files, via a malformed query involving a system entity reference. | 5.3 |
2016-02-18 | CVE-2015-8287 | Swann | Unspecified vulnerability in Swann Srnvw-470Lcd Firmware and Swnvw-470Cam Firmware Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote attackers to watch live video by visiting an unspecified URL. | 5.3 |
2016-02-17 | CVE-2016-1334 | Cisco | Improper Input Validation vulnerability in Cisco Small Business Wireless Access Points Firmware 1.0.4.4 Cisco Small Business 500 Wireless Access Point devices with firmware 1.0.4.4 allow remote attackers to set the system time via a crafted POST request, aka Bug ID CSCuy01457. | 5.3 |
2016-02-16 | CVE-2016-2388 | SAP | Information Exposure vulnerability in SAP Netweaver Application Server Java The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846. | 5.3 |
2016-02-16 | CVE-2016-0753 | Rubyonrails Debian Fedoraproject Opensuse | Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted parameters. | 5.3 |
2016-02-16 | CVE-2015-7577 | Rubyonrails | Improper Access Control vulnerability in Rubyonrails Ruby on Rails activerecord/lib/active_record/nested_attributes.rb in Active Record in Ruby on Rails 3.1.x and 3.2.x before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly implement a certain destroy option, which allows remote attackers to bypass intended change restrictions by leveraging use of the nested attributes feature. | 5.3 |
2016-02-15 | CVE-2016-0747 | F5 Canonical Debian Opensuse Apple | Resource Exhaustion vulnerability in multiple products The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. | 5.3 |
2016-02-15 | CVE-2015-7444 | IBM | Information Exposure vulnerability in IBM Websphere Commerce 7.0.0.8/7.0.0.9 The Update Installer in IBM WebSphere Commerce Enterprise 7.0.0.8 and 7.0.0.9 does not properly replicate the search index, which allows attackers to obtain sensitive information via unspecified vectors. | 5.3 |
2016-02-15 | CVE-2015-2005 | IBM | Information Exposure vulnerability in IBM Qradar Security Information and Event Manager IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x before 7.2.5 Patch 6 does not properly expire sessions, which allows remote attackers to obtain sensitive information by leveraging an unattended workstation. | 5.3 |
2016-02-15 | CVE-2016-2314 | Huawei | Code vulnerability in Huawei Mt882 Firmware V200R002B022Arg GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to cause a denial of service (device outage) by using the FTP MKD command to create a directory with a long name, and then using certain other commands. | 4.9 |
2016-02-15 | CVE-2015-2008 | IBM | Improper Access Control vulnerability in IBM Qradar Security Information and Event Manager IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x before 7.2.6 includes SSH private keys during backup operations, which allows remote authenticated administrators to obtain sensitive information by reading a backup archive. | 4.4 |
2016-02-17 | CVE-2015-8488 | Cybozu | Information Exposure vulnerability in Cybozu Office 10.3.0 Cybozu Office 10.3.0 allows remote attackers to read image files via a crafted e-mail message, a different vulnerability than CVE-2015-8487. | 4.3 |
2016-02-17 | CVE-2015-8487 | Cybozu | Information Exposure vulnerability in Cybozu Office Cybozu Office 9.0.0 through 10.3 allows remote attackers to discover CSRF tokens via unspecified vectors, a different vulnerability than CVE-2015-8488. | 4.3 |
2016-02-15 | CVE-2016-0232 | IBM | Information Exposure vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading README files. | 4.3 |
2016-02-15 | CVE-2016-0231 | IBM | Information Exposure vulnerability in IBM Financial Transaction Manager 3.0.0.0 IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading exception details in error logs. | 4.3 |
2016-02-15 | CVE-2015-4991 | IBM | Information Exposure vulnerability in IBM Spss Modeler IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1 through IF008 includes unspecified cleartext data in memory dumps, which allows local users to obtain sensitive information by reading a dump file. | 4.0 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-02-16 | CVE-2015-7576 | Rubyonrails | 7PK - Security Features vulnerability in Rubyonrails Ruby on Rails The http_basic_authenticate_with method in actionpack/lib/action_controller/metal/http_authentication.rb in the Basic Authentication implementation in Action Controller in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to bypass authentication by measuring timing differences. | 3.7 |
2016-02-15 | CVE-2016-0701 | Openssl | Information Exposure vulnerability in Openssl The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file. | 3.7 |
2016-02-15 | CVE-2015-7408 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Storage Manager The server in IBM Spectrum Protect (aka Tivoli Storage Manager) 5.5 and 6.x before 6.3.5.1 and 7.x before 7.1.4 does not properly restrict use of the ASNODENAME option, which allows remote attackers to read or write to backup data by leveraging proxy authority. | 3.7 |