Weekly Vulnerabilities Reports > May 30 to June 5, 2016
Overview
92 new vulnerabilities were reported during this period, including 7 critical vulnerabilities and 51 high severity vulnerabilities. This weekly summary reports vulnerabilities in 79 products from 39 vendors including Debian, Opensuse, Redhat, Google, and Suse. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Access Control", "Information Exposure", "Improper Input Validation", and "Cross-site Scripting".
- 78 reported vulnerabilities are remotely exploitable.
- 2 reported vulnerabilities have a public exploit available.
- 25 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
- 71 reported vulnerabilities are exploitable by an anonymous user.
- Debian has the most reported vulnerabilities, with 38 reported vulnerabilities.
- Apache has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
Vulnerability Details
The following tables list the vulnerabilities reported during the period covered by this report:
7 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-06-04 | CVE-2016-4564 | Imagemagick | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | 9.8 |
2016-06-03 | CVE-2016-1388 | Cisco | Command Injection vulnerability in Cisco products Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882. | 9.8 |
2016-06-01 | CVE-2016-3088 | Apache | Unrestricted Upload of File with Dangerous Type vulnerability in Apache Activemq The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request. | 9.8 |
2016-05-31 | CVE-2016-4521 | Sixnet | Information Exposure vulnerability in Sixnet products Sixnet BT-5xxx and BT-6xxx M2M devices before 3.8.21 and 3.9.x before 3.9.8 have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors. | 9.8 |
2016-05-30 | CVE-2016-1999 | HP | Improper Access Control vulnerability in HP Release Control 9.13/9.20/9.21 The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | 9.8 |
2016-06-01 | CVE-2016-4432 | Apache | Improper Authentication vulnerability in Apache Qpid Broker-J 6.0.0/6.0.1/6.0.2 The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging. | 9.1 |
2016-05-31 | CVE-2016-4501 | Envirosys | Improper Access Control vulnerability in Envirosys ESC 8832 Data Controller 3.02 Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier mishandles sessions, which allows remote attackers to bypass authentication and make arbitrary configuration changes via unspecified vectors. | 9.1 |
51 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-06-05 | CVE-2016-1703 | Google Debian Canonical Redhat Suse Opensuse | Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 8.8 |
2016-06-05 | CVE-2016-1701 | Google Debian Redhat Suse Opensuse | The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690. | 8.8 |
2016-06-05 | CVE-2016-1697 | Google Debian Canonical Redhat Suse Opensuse | Improper Access Control vulnerability in multiple products The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. | 8.8 |
2016-06-05 | CVE-2016-1696 | Google Debian Redhat Suse Opensuse | Improper Access Control vulnerability in multiple products The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | 8.8 |
2016-06-05 | CVE-2016-1695 | Google Debian Canonical Redhat Suse Opensuse | Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 8.8 |
2016-06-05 | CVE-2016-1681 | Debian Redhat Suse Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the opj_j2k_read_SPCod_SPCoc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. | 8.8 |
2016-06-05 | CVE-2016-1680 | Google Debian Canonical Redhat Suse Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors. | 8.8 |
2016-06-05 | CVE-2016-1679 | Google Debian Canonical Redhat Suse Opensuse | The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code. | 8.8 |
2016-06-05 | CVE-2016-1678 | Google Debian Canonical Redhat Suse Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code. | 8.8 |
2016-06-05 | CVE-2016-1676 | Debian Redhat Suse Opensuse | Improper Access Control vulnerability in multiple products extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.63 does not properly use prototypes, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | 8.8 |
2016-06-05 | CVE-2016-1675 | Debian Canonical Redhat Suse Opensuse | Improper Access Control vulnerability in multiple products Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp. | 8.8 |
2016-06-05 | CVE-2016-1674 | Debian Redhat Suse Opensuse | The extensions subsystem in Google Chrome before 51.0.2704.63 allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | 8.8 |
2016-06-05 | CVE-2016-1673 | Google Debian Canonical Redhat Suse Opensuse | Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | 8.8 |
2016-06-05 | CVE-2016-1672 | Google Debian Redhat Suse Opensuse | Improper Access Control vulnerability in multiple products The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypass the Same Origin Policy via unspecified vectors. | 8.8 |
2016-06-04 | CVE-2016-4563 | Imagemagick | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | 8.8 |
2016-06-04 | CVE-2016-4562 | Imagemagick | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | 8.8 |
2016-06-04 | CVE-2016-1391 | Cisco | Improper Input Validation vulnerability in Cisco products Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21889. | 8.8 |
2016-05-31 | CVE-2016-4505 | Resourcedm | Permissions, Privileges, and Access Controls vulnerability in Resourcedm Intuitive 650 TDB Controller 2.1 Resource Data Management (RDM) Intuitive 650 TDB Controller devices before 2.1.24 allow remote authenticated users to modify arbitrary passwords via unspecified vectors. | 8.8 |
2016-05-31 | CVE-2016-2285 | Moxa | Cross-Site Request Forgery (CSRF) vulnerability in Moxa products Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allows remote attackers to hijack the authentication of arbitrary users. | 8.8 |
2016-06-03 | CVE-2016-0376 | Novell IBM Redhat | The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class, which implements the javax.rmi.CORBA.ValueHandler interface. | 8.1 |
2016-06-03 | CVE-2016-0363 | Redhat Novell IBM | Improper Input Validation vulnerability in multiple products The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. | 8.1 |
2016-05-31 | CVE-2016-4506 | Resourcedm | Cross-Site Request Forgery (CSRF) vulnerability in Resourcedm Intuitive 650 TDB Controller 2.1 Cross-site request forgery (CSRF) vulnerability on Resource Data Management (RDM) Intuitive 650 TDB Controller devices before 2.1.24 allows remote authenticated users to hijack the authentication of arbitrary users. | 8.0 |
2016-06-04 | CVE-2016-1403 | Cisco | Improper Input Validation vulnerability in Cisco IP Phone 8800 Series Firmware CISCO IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz03005. | 7.8 |
2016-06-04 | CVE-2016-1390 | Cisco | Improper Input Validation vulnerability in Cisco products Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892. | 7.8 |
2016-06-03 | CVE-2016-3096 | Fedoraproject Redhat | Link Following vulnerability in multiple products The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory. | 7.8 |
2016-06-01 | CVE-2016-5126 | Qemu Canonical Oracle Debian Redhat | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call. | 7.8 |
2016-06-01 | CVE-2015-8875 | Gnome Debian | Numeric Errors vulnerability in multiple products Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow. | 7.8 |
2016-06-01 | CVE-2016-3697 | Docker Linuxfoundation Opensuse | Permissions, Privileges, and Access Controls vulnerability in multiple products libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container. | 7.8 |
2016-06-01 | CVE-2016-2175 | Apache Debian | Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted PDF. | 7.8 |
2016-05-30 | CVE-2016-4118 | Adobe | Permissions, Privileges, and Access Controls vulnerability in Adobe Connect Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors. | 7.8 |
2016-06-05 | CVE-2016-1700 | Debian Redhat Suse Opensuse | extensions/renderer/runtime_custom_bindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to extensions. | 7.5 |
2016-06-05 | CVE-2016-1691 | Debian Canonical Redhat Suse Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Skia, as used in Google Chrome before 51.0.2704.63, mishandles coincidence runs, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted curves, related to SkOpCoincidence.cpp and SkPathOpsCommon.cpp. | 7.5 |
2016-06-05 | CVE-2016-1690 | Debian Redhat Suse Opensuse | The Autofill implementation in Google Chrome before 51.0.2704.63 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1701. | 7.5 |
2016-06-05 | CVE-2016-1684 | Google Xmlsoft | numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document. | 7.5 |
2016-06-05 | CVE-2016-1683 | Xmlsoft Debian Canonical Redhat Suse Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document. | 7.5 |
2016-06-03 | CVE-2016-3944 | Lenovo | Improper Input Validation vulnerability in Lenovo Accelerator Application UpdateAgent in Lenovo Accelerator Application allows man-in-the-middle attackers to execute arbitrary code by spoofing an update response from susapi.lenovomm.com. | 7.5 |
2016-06-01 | CVE-2016-4810 | Citrix | Improper Access Control vulnerability in Citrix Xenapp and Xendesktop Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow attackers to set Access Policy rules on the XenDesktop Delivery Controller via unspecified vectors. | 7.5 |
2016-06-01 | CVE-2016-4423 | Sensiolabs Debian | Resource Management Errors vulnerability in multiple products The attemptAuthentication function in Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php in Symfony before 2.3.41, 2.7.x before 2.7.13, 2.8.x before 2.8.6, and 3.0.x before 3.0.6 does not limit the length of a username stored in a session, which allows remote attackers to cause a denial of service (session storage consumption) via a series of authentication attempts with long, non-existent usernames. | 7.5 |
2016-06-01 | CVE-2016-1902 | Debian Sensiolabs | Cryptographic Issues vulnerability in multiple products The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/random_compat library and the openssl_random_pseudo_bytes function fails, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors. | 7.5 |
2016-06-01 | CVE-2016-3075 | Opensuse GNU Fedoraproject Canonical | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name. | 7.5 |
2016-06-01 | CVE-2016-1234 | GNU Opensuse Fedoraproject | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name. | 7.5 |
2016-05-31 | CVE-2016-4502 | Envirosys | Improper Access Control vulnerability in Envirosys ESC 8832 Data Controller 3.02 Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier allows remote attackers to bypass intended access restrictions and execute arbitrary functions via a modified parameter. | 7.5 |
2016-05-31 | CVE-2016-2295 | Moxa | Information Exposure vulnerability in Moxa products Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allow remote attackers to obtain sensitive cleartext information by reading a configuration file. | 7.5 |
2016-05-31 | CVE-2016-2286 | Moxa | Improper Authentication vulnerability in Moxa products Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 have a blank default password, which allows remote attackers to obtain access via unspecified vectors. | 7.5 |
2016-05-31 | CVE-2016-0879 | Moxa | Information Exposure Through Log Files vulnerability in Moxa Edr-G903 Firmware Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL. | 7.5 |
2016-05-31 | CVE-2016-0878 | Moxa | Unspecified vulnerability in Moxa Edr-G903 Firmware Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted ping requests. | 7.5 |
2016-05-31 | CVE-2016-0877 | Moxa | Missing Release of Resource after Effective Lifetime vulnerability in Moxa Edr-G903 Firmware Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 allows remote attackers to cause a denial of service (memory consumption) by executing the ping function. | 7.5 |
2016-05-31 | CVE-2016-0876 | Moxa | Cleartext Storage of Sensitive Information vulnerability in Moxa Edr-G903 Firmware Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file. | 7.5 |
2016-05-31 | CVE-2016-0875 | Moxa | Information Exposure Through Log Files vulnerability in Moxa Edr-G903 Firmware Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL. | 7.5 |
2016-05-30 | CVE-2016-2025 | HP | Information Exposure vulnerability in HP Service Manager HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Catalog, and Mobility components. | 7.5 |
2016-05-30 | CVE-2016-2309 | IRZ | Insufficient Verification of Data Authenticity vulnerability in IRZ Ruh2 iRZ RUH2 before 2b does not validate firmware patches, which allows remote authenticated users to modify data or cause a denial of service via unspecified vectors. | 7.2 |
33 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-06-04 | CVE-2016-0908 | EMC | Permissions, Privileges, and Access Controls vulnerability in EMC Isilon Onefs EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges. | 6.7 |
2016-06-05 | CVE-2016-1702 | Debian Canonical Redhat Suse Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data. | 6.5 |
2016-06-05 | CVE-2016-1699 | Debian Canonical Redhat Suse Opensuse | Improper Access Control vulnerability in multiple products WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 51.0.2704.79, does not ensure that the remoteFrontendUrl parameter is associated with a chrome-devtools-frontend.appspot.com URL, which allows remote attackers to bypass intended access restrictions via a crafted URL. | 6.5 |
2016-06-05 | CVE-2016-1698 | Debian Redhat Suse Opensuse | Information Exposure vulnerability in multiple products The createCustomType function in extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.79 does not validate module types, which might allow attackers to load arbitrary modules or obtain sensitive information by leveraging a poisoned definition. | 6.5 |
2016-06-05 | CVE-2016-1689 | Debian Canonical Redhat Suse Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in content/renderer/media/canvas_capture_handler.cc in Google Chrome before 51.0.2704.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site. | 6.5 |
2016-06-05 | CVE-2016-1688 | Debian Canonical Redhat Suse Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted JavaScript code. | 6.5 |
2016-06-05 | CVE-2016-1687 | Debian Redhat Suse Opensuse | Information Exposure vulnerability in multiple products The renderer implementation in Google Chrome before 51.0.2704.63 does not properly restrict public exposure of classes, which allows remote attackers to obtain sensitive information via vectors related to extensions. | 6.5 |
2016-06-05 | CVE-2016-1686 | Google Debian Redhat Suse Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The CPDF_DIBSource::CreateDecoder function in core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, mishandles decoder-initialization failure, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. | 6.5 |
2016-06-05 | CVE-2016-1685 | Google Debian Redhat Suse Opensuse | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products core/fxge/ge/fx_ge_text.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. | 6.5 |
2016-06-05 | CVE-2016-1677 | Google Debian Canonical Redhat Opensuse Suse | Information Exposure vulnerability in multiple products uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion." | 6.5 |
2016-06-01 | CVE-2016-0288 | IBM | Unspecified vulnerability in IBM Security Appscan IBM Security AppScan Standard 8.7.x, 8.8.x, and 9.x before 9.0.3.2 and Security AppScan Enterprise allow remote authenticated users to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 6.5 |
2016-05-30 | CVE-2016-2311 | Blackbox | Information Exposure vulnerability in Blackbox products Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ServSensor Junior with firmware before SP473, AlertWerks ServSensor Junior with PoE with firmware before SP473, and AlertWerks ServSensor Contact with firmware before SP473 allow remote authenticated users to discover administrator and user passwords via unspecified vectors. | 6.5 |
2016-06-03 | CVE-2016-4804 | Dosfstools Project Opensuse Canonical | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function. | 6.2 |
2016-06-03 | CVE-2015-8872 | Canonical Opensuse Dosfstools Project | Numeric Errors vulnerability in multiple products The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error." | 6.2 |
2016-06-05 | CVE-2016-1682 | Google Debian Canonical Redhat Suse Opensuse | Improper Access Control vulnerability in multiple products The ServiceWorkerContainer::registerServiceWorkerImpl function in WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp in Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a ServiceWorker registration. | 6.1 |
2016-06-05 | CVE-2016-1230 | NTT | Cross-site Scripting vulnerability in NTT Webarena Service Formmail 2.2.0 Cross-site scripting (XSS) vulnerability in NTT PC Communications WebARENA Service formmail before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2016-06-05 | CVE-2016-1222 | Kobe Beauty | Cross-site Scripting vulnerability in Kobe-Beauty PHP-Contact-Form Cross-site scripting (XSS) vulnerability in Kobe Beauty php-contact-form before 2016-05-18 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. | 6.1 |
2016-06-04 | CVE-2016-4812 | Markdown ON Saved Improved Project | Cross-site Scripting vulnerability in Markdown on Saved Improved Project Markdown on Saved Improved 2.5 Cross-site scripting (XSS) vulnerability in the Markdown on Save Improved plugin before 2.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2016-06-04 | CVE-2016-1211 | Epoch | Cross-site Scripting vulnerability in Epoch web Mailing List 0.31 Cross-site scripting (XSS) vulnerability in Epoch Web Mailing List 0.31 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2016-06-01 | CVE-2016-4945 | Citrix | Cross-site Scripting vulnerability in Citrix Netscaler Gateway 11.0 Firmware 65.35 Cross-site scripting (XSS) vulnerability in vpn/js/gateway_login_form_view.js in Citrix NetScaler Gateway 11.0 before Build 66.11 allows remote attackers to inject arbitrary web script or HTML via the NSC_TMAC cookie. | 6.1 |
2016-06-01 | CVE-2016-4454 | Qemu Canonical Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read. | 6.0 |
2016-06-01 | CVE-2016-3094 | Apache | Improper Input Validation vulnerability in Apache Qpid Broker-J 6.0.0/6.0.1/6.0.2 PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception. | 5.9 |
2016-05-30 | CVE-2016-0907 | EMC | 7PK - Security Features vulnerability in EMC Isilon Onefs and Isilonsd Edge Onefs EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0.1, and IsilonSD Edge OneFS 8.0.x before 8.0.0.1, does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream, a similar issue to CVE-2016-2115. | 5.9 |
2016-06-01 | CVE-2016-4500 | Moxa | 7PK - Security Features vulnerability in Moxa Uc-7408 Lx-Plus and Uc-7408 Lx-Plus Firmware Moxa UC-7408 LX-Plus devices allow remote authenticated users to write to the firmware, and consequently render a device unusable, by leveraging root access. | 5.8 |
2016-05-30 | CVE-2016-2023 | HP | Information Exposure vulnerability in HP Restful Interface Tool 1.40 HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified vectors. | 5.5 |
2016-06-05 | CVE-2016-1229 | Humhub | Cross-site Scripting vulnerability in Humhub 0.20.0/0.20.1/1.0.0 Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
2016-06-05 | CVE-2016-1694 | Google Debian Redhat Suse Opensuse | Improper Access Control vulnerability in multiple products browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP pins during cache clearing, which makes it easier for remote attackers to spoof web sites via a valid certificate from an arbitrary recognized Certification Authority. | 5.3 |
2016-06-05 | CVE-2016-1693 | Debian Redhat Suse Opensuse | Improper Access Control vulnerability in multiple products browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use the HTTPS service on dl.google.com to obtain the Software Removal Tool, which allows remote attackers to spoof the chrome_cleanup_tool.exe (aka CCT) file via a man-in-the-middle attack on an HTTP session. | 5.3 |
2016-06-05 | CVE-2016-1692 | Debian Canonical Redhat Suse Opensuse | Improper Access Control vulnerability in multiple products WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. | 5.3 |
2016-06-03 | CVE-2016-1370 | Cisco | Improper Input Validation vulnerability in Cisco Network Analysis Module Software 4.0.0/4.1.0 Cisco Prime Network Analysis Module (NAM) before 6.2(1-b) miscalculates IPv6 payload lengths, which allows remote attackers to cause a denial of service (mond process crash and monitoring outage) via crafted IPv6 packets, aka Bug ID CSCuy37324. | 5.3 |
2016-05-31 | CVE-2016-4785 | Siemens | Information Exposure vulnerability in Siemens Siprotec Firmware 4.26 A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. | 5.3 |
2016-05-31 | CVE-2016-4784 | Siemens | Information Exposure vulnerability in Siemens Siprotec Firmware 4.26 A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02; SIPROTEC 7SJ686 : All versions < V 4.83; SIPROTEC 7UT686 : All versions < V 4.01; SIPROTEC 7SD686 : All versions < V 4.03; SIPROTEC 7SJ66 : All versions < V 4.20. | 5.3 |
2016-06-01 | CVE-2016-4453 | Qemu Canonical Debian | Infinite Loop vulnerability in multiple products The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command. | 4.4 |

1 Low Vulnerability
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-06-05 | CVE-2016-1212 | Futomi | Path Traversal vulnerability in Futomi MP Form Mail CGI 3.2.3 Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors. | 2.7 |