Weekly Vulnerabilities Reports > June 13 to 19, 2016

Overview

220 new vulnerabilities reported during this period, including 80 critical vulnerabilities and 51 high severity vulnerabilities. This weekly summary report vulnerabilities in 211 products from 48 vendors including Opensuse, Adobe, Google, Redhat, and Microsoft. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", "Permissions, Privileges, and Access Controls", "Information Exposure", and "Out-of-bounds Write".

  • 196 reported vulnerabilities are remotely exploitables.
  • 20 reported vulnerabilities have public exploit available.
  • 31 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 198 reported vulnerabilities are exploitable by an anonymous user.
  • Opensuse has the most reported vulnerabilities, with 56 reported vulnerabilities.
  • Google has the most reported critical vulnerabilities, with 31 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

80 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2016-06-19 CVE-2016-1395 Cisco Improper Input Validation vulnerability in Cisco products

The web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to execute arbitrary code as root via a crafted HTTP request, aka Bug ID CSCux82428.

10.0
2016-06-17 CVE-2016-3642 Solarwinds Remote Code Execution vulnerability in Solarwinds Virtualization Manager

The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

10.0
2016-06-16 CVE-2016-4171 Adobe
Redhat
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.
10.0
2016-06-16 CVE-2016-4165 Adobe Improper Input Validation vulnerability in Adobe Brackets 1.6

The extension manager in Adobe Brackets before 1.7 allows attackers to have an unspecified impact via invalid input.

10.0
2016-06-16 CVE-2016-4138 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
10.0
2016-06-16 CVE-2016-3236 Microsoft Data Processing Errors vulnerability in Microsoft products

The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles proxy discovery, which allows remote attackers to redirect network traffic via unspecified vectors, aka "Windows WPAD Proxy Discovery Elevation of Privilege Vulnerability."

10.0
2016-06-16 CVE-2016-3227 Microsoft DNS Use After Free Remote Code Execution vulnerability in Microsoft Windows Server 2012 R2

Use-after-free vulnerability in the DNS Server component in Microsoft Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Server Use After Free Vulnerability." <a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>

10.0
2016-06-14 CVE-2016-5365 Huawei Permissions, Privileges, and Access Controls vulnerability in Huawei Honor Ws851 Firmware

Stack-based buffer overflow in Huawei Honor WS851 routers with software 1.1.21.1 and earlier allows remote attackers to execute arbitrary commands with root privileges via unspecified vectors, aka HWPSIRT-2016-05051.

10.0
2016-06-16 CVE-2016-4163 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4162.

9.8
2016-06-16 CVE-2016-4162 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4163.

9.8
2016-06-16 CVE-2016-4161 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162, and CVE-2016-4163.

9.8
2016-06-16 CVE-2016-4160 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.

9.8
2016-06-16 CVE-2016-4121 Adobe Use After Free vulnerability in Adobe products

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, and CVE-2016-4110.

9.8
2016-06-16 CVE-2016-4120 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products

Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.

9.8
2016-06-13 CVE-2016-2496 Google Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 6.0/6.0.1

The Framework UI permission-dialog implementation in Android 6.x before 2016-06-01 allows attackers to conduct tapjacking attacks and access arbitrary private-storage files by creating a partially overlapping window, aka internal bug 26677796.

9.8
2016-06-19 CVE-2016-1861 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X

The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1846.

9.3
2016-06-16 CVE-2016-4156 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4148 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4147 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4146 Adobe
Redhat
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4145 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4144 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4143 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4142 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4141 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4140 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4139 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4137 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4136 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4135 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4134 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4133 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4132 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-4131 Redhat
Adobe
Opensuse
Suse
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
9.3
2016-06-16 CVE-2016-3233 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Excel and Office Compatibility Pack

Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3
2016-06-16 CVE-2016-3223 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle LDAP authentication, which allows man-in-the-middle attackers to gain privileges by modifying group-policy update data within a domain-controller data stream, aka "Group Policy Elevation of Privilege Vulnerability."

9.3
2016-06-16 CVE-2016-3222 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."

9.3
2016-06-16 CVE-2016-3214 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3199.

9.3
2016-06-16 CVE-2016-3213 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 9 through 11 has an improper fallback mechanism, which allows remote attackers to gain privileges via NetBIOS name responses, aka "WPAD Elevation of Privilege Vulnerability."

9.3
2016-06-16 CVE-2016-3211 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 10/11/9

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0199 and CVE-2016-0200.

9.3
2016-06-16 CVE-2016-3210 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11

The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."

9.3
2016-06-16 CVE-2016-3203 Microsoft Improper Input Validation vulnerability in Microsoft products

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows PDF Remote Code Execution Vulnerability."

9.3
2016-06-16 CVE-2016-3199 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3214.

9.3
2016-06-16 CVE-2016-0200 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 10/11/9

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0199 and CVE-2016-3211.

9.3
2016-06-16 CVE-2016-0199 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 10/11/9

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0200 and CVE-2016-3211.

9.3
2016-06-16 CVE-2016-0025 Microsoft Improper Input Validation vulnerability in Microsoft products

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3
2016-06-13 CVE-2016-5234 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Rse6500 Firmware and Vp9600 Series Firmware

Buffer overflow in Huawei VP9660, VP9650, and VP9630 multipoint control unit devices with software before V500R002C00SPC200 and RSE6500 videoconference devices with software before V500R002C00SPC100, when an unspecified service is enabled, allows remote attackers to execute arbitrary code via a crafted packet, aka HWPSIRT-2016-05054.

9.3
2016-06-13 CVE-2016-2494 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

Off-by-one error in sdcard/sdcard.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 28085658.

9.3
2016-06-13 CVE-2016-2493 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 26571522.

9.3
2016-06-13 CVE-2016-2492 Google Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1

The MediaTek power-management driver in Android before 2016-06-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 28085410.

9.3
2016-06-13 CVE-2016-2491 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27556408.

9.3
2016-06-13 CVE-2016-2490 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27533373.

9.3
2016-06-13 CVE-2016-2489 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407629.

9.3
2016-06-13 CVE-2016-2488 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

The Qualcomm camera driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27600832.

9.3
2016-06-13 CVE-2016-2487 Google Improper Input Validation vulnerability in Google Android

libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27833616.

9.3
2016-06-13 CVE-2016-2486 Google Improper Input Validation vulnerability in Google Android

mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate the relationship between allocated memory and the frame size, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27793371.

9.3
2016-06-13 CVE-2016-2485 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27793367.

9.3
2016-06-13 CVE-2016-2484 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27793163.

9.3
2016-06-13 CVE-2016-2483 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

The mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27662502.

9.3
2016-06-13 CVE-2016-2482 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27661749.

9.3
2016-06-13 CVE-2016-2481 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

The mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27532497.

9.3
2016-06-13 CVE-2016-2480 Google Improper Input Validation vulnerability in Google Android

The mm-video-v4l2 vidc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate certain OMX parameter data structures, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27532721.

9.3
2016-06-13 CVE-2016-2479 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27532282.

9.3
2016-06-13 CVE-2016-2478 Google Improper Input Validation vulnerability in Google Android

mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles pointers, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27475409.

9.3
2016-06-13 CVE-2016-2477 Google Improper Input Validation vulnerability in Google Android

mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles pointers, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27251096.

9.3
2016-06-13 CVE-2016-2476 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27207275.

9.3
2016-06-13 CVE-2016-2474 Google Privilege Escalation vulnerability in Google Nexus Qualcomm Wi-Fi Driver

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 27424603.

9.3
2016-06-13 CVE-2016-2473 Google Unspecified vulnerability in Google Android

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27777501.

9.3
2016-06-13 CVE-2016-2472 Google Unspecified vulnerability in Google Android

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27776888.

9.3
2016-06-13 CVE-2016-2471 Google Unspecified vulnerability in Google Android

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27773913.

9.3
2016-06-13 CVE-2016-2470 Google Unspecified vulnerability in Google Android

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27662174.

9.3
2016-06-13 CVE-2016-2469 Google Privilege Escalation vulnerability in Google Nexus Qualcomm Sound Driver

The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27531992.

9.3
2016-06-13 CVE-2016-2468 Google Unspecified vulnerability in Google Android

The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 devices allows attackers to gain privileges via a crafted application, aka internal bug 27475454.

9.3
2016-06-13 CVE-2016-2467 Google Unspecified vulnerability in Google Android

The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 devices allows attackers to gain privileges via a crafted application, aka internal bug 28029010.

9.3
2016-06-13 CVE-2016-2466 Google Unspecified vulnerability in Google Android

The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka internal bug 27947307.

9.3
2016-06-13 CVE-2016-2465 Google Privilege Escalation vulnerability in Google Nexus Qualcomm Video Driver

The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407865.

9.3
2016-06-13 CVE-2016-2464 Google Improper Input Validation vulnerability in Google Android

libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted mkv file, aka internal bug 23167726.

9.3
2016-06-19 CVE-2016-0912 Dell Permissions, Privileges, and Access Controls vulnerability in Dell EMC Data Domain OS

EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote authenticated users to bypass intended password-change restrictions by leveraging access to (1) a different account with the same role as a target account or (2) an account's session at an unattended workstation.

9.0
2016-06-19 CVE-2016-4813 Netcommons Improper Access Control vulnerability in Netcommons

NetCommons 2.4.2.1 and earlier allows remote authenticated secretariat (aka CLERK) users to gain privileges by creating a SYSTEM_ADMIN account.

9.0
2016-06-16 CVE-2016-3228 Microsoft Improper Input Validation vulnerability in Microsoft Windows Server 2008 and Windows Server 2012

Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability."

9.0

51 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2016-06-16 CVE-2016-3062 Libav
Ffmpeg
Debian
Opensuse
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.

8.8
2016-06-16 CVE-2016-4166 Adobe Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4155 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4154 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4153 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4152 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4151 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4150 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4149 Adobe
Redhat
Suse
Opensuse
Type Confusion vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4130 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4129 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4128 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4127 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4126 Adobe Unspecified vulnerability in Adobe AIR Desktop Runtime 1.0.0.215/21.0.0.198

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4125 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4124 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4123 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-16 CVE-2016-4122 Redhat
Adobe
Suse
Opensuse
Out-of-bounds Write vulnerability in multiple products

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

8.8
2016-06-13 CVE-2016-2834 Canonical
Opensuse
Mozilla
Novell
Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
8.8
2016-06-13 CVE-2016-2831 Canonical
Mozilla
Debian
Opensuse
Improper Access Control vulnerability in multiple products

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site.

8.8
2016-06-13 CVE-2016-2828 Canonical
Opensuse
Mozilla
Debian
Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after destruction of the texture's recycle pool.
8.8
2016-06-13 CVE-2016-2824 Mozilla
Opensuse
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows, allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact by triggering use of a WebGL shader that writes to an array.

8.8
2016-06-13 CVE-2016-2819 Opensuse
Mozilla
Debian
Canonical
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.

8.8
2016-06-13 CVE-2016-2818 Mozilla
Debian
Redhat
Novell
Opensuse
Canonical
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

8.8
2016-06-13 CVE-2016-2815 Mozilla
Canonical
Novell
Opensuse
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

8.8
2016-06-13 CVE-2016-3698 Redhat
Libndp
Debian
Canonical
Improper Access Control vulnerability in multiple products

libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.

8.1
2016-06-16 CVE-2016-3235 Microsoft Unspecified vulnerability in Microsoft Visio and Visio Viewer

Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."

7.8
2016-06-14 CVE-2016-5338 Qemu
Canonical
Debian
The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer.
7.8
2016-06-13 CVE-2016-2826 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox

The maintenance service in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows does not prevent MAR extracted-file modification during updater execution, which might allow local users to gain privileges via a Trojan horse file.

7.8
2016-06-16 CVE-2016-3207 Microsoft Improper Input Validation vulnerability in Microsoft Jscript and Vbscript

The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3205 and CVE-2016-3206.

7.6
2016-06-16 CVE-2016-3206 Microsoft Improper Input Validation vulnerability in Microsoft Jscript and Vbscript

The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3205 and CVE-2016-3207.

7.6
2016-06-16 CVE-2016-3205 Microsoft Improper Input Validation vulnerability in Microsoft Jscript and Vbscript

The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3206 and CVE-2016-3207.

7.6
2016-06-16 CVE-2016-3202 Microsoft Improper Input Validation vulnerability in Microsoft Chakra Javascript, Jscript and Vbscript

The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."

7.6
2016-06-19 CVE-2016-4819 DX Library Project Remote Code Execution vulnerability in DX Library Project DX Library 3.16B

The printfDx function in Takumi Yamada DX Library for Borland C++ 3.13f through 3.16b, DX Library for Gnu C++ 3.13f through 3.16b, and DX Library for Visual C++ 3.13f through 3.16b allows remote attackers to execute arbitrary code via a crafted string.

7.5
2016-06-16 CVE-2016-5300 Canonical
Debian
Libexpat Project
Google
Resource Management Errors vulnerability in multiple products

The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document.

7.5
2016-06-16 CVE-2016-4167 Adobe Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe DNG Software Development KIT

Adobe DNG Software Development Kit (SDK) before 1.4 2016 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

7.5
2016-06-13 CVE-2016-4579 Gnupg
Opensuse
Canonical
Improper Input Validation vulnerability in multiple products

Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via unspecified vectors, related to the "returned length of the object from _ksba_ber_parse_tl."

7.5
2016-06-13 CVE-2016-4574 Gnupg
Canonical
Opensuse
Numeric Errors vulnerability in multiple products

Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data.

7.5
2016-06-13 CVE-2016-4356 Gnupg
Canonical
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.3 allows remote attackers to cause a denial of service (out-of-bounds read) by clearing the high bit of the byte after invalid utf-8 encoded data.

7.5
2016-06-13 CVE-2016-4355 Gnupg
Canonical
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.

7.5
2016-06-13 CVE-2016-4354 Canonical
Gnupg
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.

7.5
2016-06-13 CVE-2016-4353 Gnupg
Canonical
Improper Input Validation vulnerability in multiple products

ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.

7.5
2016-06-13 CVE-2016-5302 Citrix Improper Access Control vulnerability in Citrix Xenserver

Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account.

7.5
2016-06-13 CVE-2016-4005 Huawei Cryptographic Issues vulnerability in Huawei Hilink APP

The Huawei Hilink App application before 3.19.2 for Android does not validate SSL certificates, which allows local users to have unspecified impact via unknown vectors, aka HWPSIRT-2016-03008.

7.5
2016-06-13 CVE-2016-2821 Mozilla
Debian
Opensuse
Canonical
Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering deletion of DOM elements that were created in the editor.
7.5
2016-06-13 CVE-2016-2463 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

Multiple integer overflows in the h264dec component in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a large memory allocation, aka internal bug 27855419.

7.5
2016-06-19 CVE-2016-0911 Dell Permissions, Privileges, and Access Controls vulnerability in Dell EMC Data Domain OS

EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 has a default no_root_squash option for NFS exports, which makes it easier for remote attackers to obtain filesystem access by leveraging client root privileges.

7.2
2016-06-17 CVE-2016-3643 Solarwinds Permissions, Privileges, and Access Controls vulnerability in Solarwinds Virtualization Manager

SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."

7.2
2016-06-16 CVE-2016-3231 Microsoft Data Processing Errors vulnerability in Microsoft Windows Diagnostics HUB

The Standard Collector service in Windows Diagnostics Hub mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows Diagnostics Hub Elevation of Privilege Vulnerability."

7.2
2016-06-16 CVE-2016-2538 Qemu Numeric Errors vulnerability in Qemu

Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the (1) rndis_query_response, (2) rndis_set_response, or (3) usb_net_handle_dataout function.

7.1
2016-06-13 CVE-2016-2495 Google Improper Input Validation vulnerability in Google Android

SampleTable.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka internal bug 28076789.

7.1

84 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2016-06-16 CVE-2016-4158 Microsoft
Adobe
Permissions, Privileges, and Access Controls vulnerability in multiple products

Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.

6.9
2016-06-16 CVE-2016-4157 Adobe Permissions, Privileges, and Access Controls vulnerability in Adobe Creative Cloud

Untrusted search path vulnerability in the installer in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse resource in an unspecified directory.

6.9
2016-06-16 CVE-2016-3225 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

The SMB server component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application that forwards an authentication request to an unintended service, aka "Windows SMB Server Elevation of Privilege Vulnerability."

6.9
2016-06-16 CVE-2016-3221 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3218.

6.9
2016-06-16 CVE-2016-3220 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

atmfd.dll in the Adobe Type Manager Font Driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "ATMFD.dll Elevation of Privilege Vulnerability."

6.9
2016-06-16 CVE-2016-3219 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows 10 1511

The kernel-mode driver in Microsoft Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

6.9
2016-06-16 CVE-2016-3218 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3221.

6.9
2016-06-19 CVE-2016-4820 Iodata Cross-Site Request Forgery (CSRF) vulnerability in Iodata Etx-R Firmware

Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE ETX-R devices allows remote attackers to hijack the authentication of arbitrary users.

6.8
2016-06-19 CVE-2016-1397 Cisco Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products

Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote authenticated users to cause a denial of service (device reload) via crafted configuration commands in an HTTP request, aka Bug ID CSCux82523.

6.8
2016-06-18 CVE-2016-1432 Cisco Resource Management Errors vulnerability in Cisco IOS XE 3.15.0S/3.15.1S/3.16.0S

Cisco IOS XE 3.15S and 3.16S on cBR-8 Converged Broadband Router devices allows remote authenticated users to cause a denial of service (NULL pointer dereference and card restart) via a crafted SNMP request, aka Bug ID CSCuu68862.

6.8
2016-06-13 CVE-2016-3677 Huawei 7PK - Security Features vulnerability in Huawei Hilink APP and Wear APP

The Huawei Wear App application before 15.0.0.307 for Android does not validate SSL certificates, which allows local users to have unspecified impact via unknown vectors, aka HWPSIRT-2016-03008.

6.8
2016-06-13 CVE-2016-2475 Google Improper Input Validation vulnerability in Google Android

The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, and Pixel C devices allows attackers to gain privileges for certain system calls via a crafted application, aka internal bug 26425765.

6.8
2016-06-13 CVE-2016-2066 Linux Improper Privilege Management vulnerability in Linux Kernel

Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application that makes an ioctl call.

6.8
2016-06-13 CVE-2016-2061 Linux Improper Privilege Management vulnerability in Linux Kernel

Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (array overflow and memory corruption) via a crafted application that triggers an msm_isp_axi_create_stream call.

6.8
2016-06-16 CVE-2016-2392 Qemu
Canonical
The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving a remote NDIS control message packet.
6.5
2016-06-16 CVE-2016-3201 Microsoft Information Exposure vulnerability in Microsoft products

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3215.

6.5
2016-06-13 CVE-2016-2174 Apache SQL Injection vulnerability in Apache Ranger 0.5.0/0.5.1/0.5.2

SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote authenticated administrators to execute arbitrary SQL commands via the eventTime parameter to service/plugins/policies/eventTime.

6.5
2016-06-13 CVE-2016-2822 Debian
Mozilla
Canonical
Opensuse
Improper Access Control vulnerability in multiple products

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu.

6.5
2016-06-17 CVE-2016-5363 Openstack 7PK - Security Features vulnerability in Openstack Neutron

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via (1) a crafted DHCP discovery message or (2) crafted non-IP traffic.

6.4
2016-06-17 CVE-2016-5362 Openstack 7PK - Security Features vulnerability in Openstack Neutron

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message.

6.4
2016-06-17 CVE-2015-8914 Openstack 7PK - Security Features vulnerability in Openstack Neutron

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.

6.4
2016-06-13 CVE-2015-8869 Fedoraproject
Opensuse
Ocaml
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.

6.4
2016-06-19 CVE-2016-1424 Cisco Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS 15.2(1)T1.11/15.2(2)Tst

Cisco IOS 15.2(1)T1.11 and 15.2(2)TST allows remote attackers to cause a denial of service (device crash) via a crafted LLDP packet, aka Bug ID CSCun63132.

6.1
2016-06-19 CVE-2016-4371 HP Cross-Site Request Forgery (CSRF) vulnerability in HP products

HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components.

6.0
2016-06-16 CVE-2016-2841 Qemu
Canonical
Improper Input Validation vulnerability in multiple products

The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTOP registers, involving ring buffer control.

6.0
2016-06-16 CVE-2012-6702 Libexpat Project
Google
Canonical
Debian
Cryptographic Issues vulnerability in multiple products

Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.

5.9
2016-06-19 CVE-2016-1195 Cybozu Open Redirection vulnerability in Cybozu Garoon

Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

5.8
2016-06-17 CVE-2016-5433 Citrix Improper Input Validation vulnerability in Citrix IOS Receiver

Citrix iOS Receiver before 7.0 allows attackers to cause TLS certificates to be incorrectly validated via unspecified vectors.

5.8
2016-06-14 CVE-2016-5337 Qemu
Canonical
Debian
The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.
5.5
2016-06-19 CVE-2016-4811 NTT BP Improper Access Control vulnerability in Ntt-Bp Japan Connected-Free Wi-Fi 1.13.0/1.15.1

The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.15.1 and earlier for Android and 1.13.0 and earlier for iOS allows man-in-the-middle attackers to obtain API access via unspecified vectors.

5.1
2016-06-19 CVE-2016-1864 Apple Information Exposure vulnerability in Apple Iphone OS and Safari

The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a crafted URL.

5.0
2016-06-19 CVE-2016-1191 Cybozu Path Traversal vulnerability in Cybozu Garoon

Directory traversal vulnerability in the Files function in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to modify settings via unspecified vectors.

5.0
2016-06-19 CVE-2016-1225 Trendmicro Information Exposure vulnerability in Trendmicro Internet Security 10.0/8.0

Trend Micro Internet Security 8 and 10 allows remote attackers to read arbitrary files via unspecified vectors.

5.0
2016-06-19 CVE-2016-4821 Iodata Denial of Service vulnerability in I-O DATA DEVICE ETX-R

I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors.

5.0
2016-06-19 CVE-2016-4817 lib/http2/connection.c in H2O before 1.7.3 and 2.x before 2.0.0-beta5 mishandles HTTP/2 disconnection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted packet.
5.0
2016-06-19 CVE-2016-4815 Buffalo Path Traversal vulnerability in Buffalo products

Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors.

5.0
2016-06-19 CVE-2016-4814 GSI Path Traversal vulnerability in GSI OLD GSI Maps

Directory traversal vulnerability in kml2jsonp.php in Geospatial Information Authority of Japan (aka GSI) Old_GSI_Maps before January 2015 on Windows allows remote attackers to read arbitrary files via unspecified vectors.

5.0
2016-06-19 CVE-2016-1223 Trendmicro Path Traversal vulnerability in Trendmicro products

Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business Security 9.0 allows remote attackers to read arbitrary files via unspecified vectors.

5.0
2016-06-18 CVE-2016-1427 Cisco Information Exposure vulnerability in Cisco Prime Network Registrar

The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694.

5.0
2016-06-16 CVE-2016-2391 Qemu
Canonical
Debian
NULL Pointer Dereference vulnerability in multiple products

The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.

5.0
2016-06-16 CVE-2016-5361 Libreswan Improper Input Validation vulnerability in Libreswan

programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed UDP packet.

5.0
2016-06-14 CVE-2016-5367 Huawei Information Exposure vulnerability in Huawei Honor Ws851 Firmware

Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow remote attackers to obtain sensitive information via unspecified vectors, aka HWPSIRT-2016-05053.

5.0
2016-06-14 CVE-2016-5366 Huawei Improper Access Control vulnerability in Huawei Honor Ws851 Firmware

Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow remote attackers to modify configuration data via vectors related to a "file injection vulnerability," aka HWPSIRT-2016-05052.

5.0
2016-06-13 CVE-2016-4478 Opensuse
Atheme
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Buffer overflow in the xmlrpc_char_encode function in modules/transport/xmlrpc/xmlrpclib.c in Atheme before 7.2.7 allows remote attackers to cause a denial of service via vectors related to XMLRPC response encoding.

5.0
2016-06-13 CVE-2016-4414 Opensuse
Quassel IRC
Fedoraproject
Remote Denial Of Service vulnerability in Quassel

The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.

5.0
2016-06-13 CVE-2014-9773 Opensuse
Atheme
Improper Access Control vulnerability in multiple products

modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks.

5.0
2016-06-13 CVE-2016-5104 Libimobiledevice
Canonical
Opensuse
Improper Access Control vulnerability in multiple products

The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.

5.0
2016-06-13 CVE-2016-1543 BMC Improper Access Control vulnerability in BMC Bladelogic Server Automation Console

The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure.

5.0
2016-06-13 CVE-2016-1542 BMC Improper Input Validation vulnerability in BMC Bladelogic Server Automation Console

The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and enumerate users by sending an action packet to xmlrpc after an authorization failure.

5.0
2016-06-19 CVE-2016-4514 Moxa Incorrect Authorization vulnerability in Moxa Pt-7728 and Pt-7728 Firmware

Moxa PT-7728 devices with software 3.4 build 15081113 allow remote authenticated users to change the configuration via vectors involving a local proxy.

4.6
2016-06-19 CVE-2016-0392 IBM Improper Access Control vulnerability in IBM products

IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program.

4.6
2016-06-19 CVE-2016-1862 Apple Information Exposure vulnerability in Apple mac OS X

Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860.

4.3
2016-06-19 CVE-2016-1860 Apple Information Exposure vulnerability in Apple mac OS X

Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862.

4.3
2016-06-19 CVE-2015-7776 Cybozu Information Exposure vulnerability in Cybozu Garoon

Cybozu Garoon 3.x and 4.x before 4.2.0 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, a different vulnerability than CVE-2016-1196.

4.3
2016-06-19 CVE-2016-1226 Trendmicro Cross-site Scripting vulnerability in Trendmicro Internet Security 10.0/8.0

Cross-site scripting (XSS) vulnerability in Trend Micro Internet Security 8 and 10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2016-06-19 CVE-2016-1197 Cybozu Cross-site Scripting vulnerability in Cybozu Garoon

Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7775.

4.3
2016-06-19 CVE-2016-4816 Buffalo Information Exposure vulnerability in Buffalo products

BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors.

4.3
2016-06-19 CVE-2016-1396 Cisco Cross-site Scripting vulnerability in Cisco products

Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux82583.

4.3
2016-06-19 CVE-2016-1224 Trendmicro Cross-site Scripting vulnerability in Trendmicro products

CRLF injection vulnerability in Trend Micro Worry-Free Business Security Service 5.x and Worry-Free Business Security 9.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors.

4.3
2016-06-19 CVE-2016-1183 Nttdata Permissions, Privileges, and Access Controls vulnerability in Nttdata Terasoluna Server Framework for Java web

NTT Data TERASOLUNA Server Framework for Java(WEB) 2.0.0.1 through 2.0.6.1, as used in Fujitsu Interstage Business Application Server and other products, allows remote attackers to bypass a file-extension protection mechanism, and consequently read arbitrary files, via a crafted pathname.

4.3
2016-06-18 CVE-2016-1431 Cisco Cross-site Scripting vulnerability in Cisco Firepower Management Center

Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCur25516.

4.3
2016-06-16 CVE-2016-4164 Adobe Cross-site Scripting vulnerability in Adobe Brackets 1.6

Cross-site scripting (XSS) vulnerability in Adobe Brackets before 1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2016-06-16 CVE-2016-4159 Adobe Cross-site Scripting vulnerability in Adobe Coldfusion 10.0/11.0/2016

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 20, 11 before Update 9, and 2016 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2016-06-16 CVE-2016-3234 Microsoft Information Exposure vulnerability in Microsoft products

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability."

4.3
2016-06-16 CVE-2016-3216 Microsoft Information Exposure vulnerability in Microsoft products

GDI32.dll in the Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "Windows Graphics Component Information Disclosure Vulnerability."

4.3
2016-06-16 CVE-2016-3215 Microsoft Information Exposure vulnerability in Microsoft products

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3201.

4.3
2016-06-16 CVE-2016-3212 Microsoft Cross-site Scripting vulnerability in Microsoft Internet Explorer 10/11/9

The XSS Filter in Microsoft Internet Explorer 9 through 11 does not properly identify JavaScript, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, aka "Internet Explorer XSS Filter Vulnerability."

4.3
2016-06-16 CVE-2016-3198 Microsoft 7PK - Security Features vulnerability in Microsoft Edge

Microsoft Edge allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted document, aka "Microsoft Edge Security Feature Bypass."

4.3
2016-06-16 CVE-2016-0028 Microsoft Information Exposure vulnerability in Microsoft Outlook web Access

Outlook Web Access (OWA) in Microsoft Exchange Server 2013 SP1, Cumulative Update 11, and Cumulative Update 12 and 2016 Gold and Cumulative Update 1 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, aka "Microsoft Exchange Information Disclosure Vulnerability."

4.3
2016-06-13 CVE-2016-3670 Liferay Cross-site Scripting vulnerability in Liferay Portal

Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field.

4.3
2016-06-13 CVE-2016-2833 Opensuse
Mozilla
Canonical
7PK - Security Features vulnerability in multiple products

Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet.

4.3
2016-06-13 CVE-2016-2832 Canonical
Mozilla
Opensuse
Information Exposure vulnerability in multiple products

Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a fingerprinting attack involving Cascading Style Sheets (CSS) pseudo-classes.

4.3
2016-06-13 CVE-2016-2829 Canonical
Mozilla
Opensuse
Improper Access Control vulnerability in multiple products

Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission.

4.3
2016-06-13 CVE-2016-2825 Canonical
Opensuse
Mozilla
Improper Access Control vulnerability in multiple products

Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL.

4.3
2016-06-13 CVE-2016-2500 Google Information Exposure vulnerability in Google Android

Activity Manager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not properly terminate process groups, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 19285814.

4.3
2016-06-13 CVE-2016-2499 Google Information Exposure vulnerability in Google Android

AudioSource.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not initialize certain data, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 27855172.

4.3
2016-06-13 CVE-2016-2498 Google Information Exposure vulnerability in Google Android 6.0/6.0.1

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to bypass intended data-access restrictions via a crafted application, aka internal bug 27777162.

4.3
2016-06-19 CVE-2016-4530 Osisoft Improper Input Validation vulnerability in Osisoft PI SQL Data Access Server 2016 1.5

OSIsoft PI SQL Data Access Server (aka OLE DB) 2016 1.5 allows remote authenticated users to cause a denial of service (service outage and data loss) via a message.

4.0
2016-06-19 CVE-2016-4518 Osisoft Improper Input Validation vulnerability in Osisoft PI AF Server 2016

OSIsoft PI AF Server before 2016 2.8.0 allows remote authenticated users to cause a denial of service (service outage) via a message.

4.0
2016-06-19 CVE-2016-1196 Cybozu Permissions, Privileges, and Access Controls vulnerability in Cybozu Garoon

Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive Address Book information via an API call, a different vulnerability than CVE-2015-7776.

4.0
2016-06-19 CVE-2016-1192 Cybozu Path Traversal vulnerability in Cybozu Garoon

Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors.

4.0
2016-06-16 CVE-2016-3687 F5 Open Redirect vulnerability in Multiple F5 BIG-IP Products

Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, and 11.6.x before 11.6.0 HF6 and Edge Gateway 11.2.1, when using multi-domain single sign-on (SSO), allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in the SSO_ORIG_URI parameter.

4.0
2016-06-16 CVE-2016-3226 Microsoft Improper Access Control vulnerability in Microsoft Windows Server 2008 and Windows Server 2012

Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service hang) by creating many machine accounts, aka "Active Directory Denial of Service Vulnerability."

4.0
2016-06-13 CVE-2016-4911 Keystone Improper Access Control vulnerability in Keystone Openstack Identity 9.0.0.0

The Fernet Token Provider in OpenStack Identity (Keystone) 9.0.x before 9.0.1 (mitaka) allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token.

4.0

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2016-06-19 CVE-2015-7775 Cybozu Cross-site Scripting vulnerability in Cybozu Garoon 4.0.3

Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-1197.

3.5
2016-06-19 CVE-2015-7462 IBM Information Exposure vulnerability in IBM Websphere MQ 8.0.0.4

IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users to discover cleartext certificate-keystore passwords within MQ trace output by leveraging administrator privileges to execute the mqcertck program.

2.1
2016-06-16 CVE-2016-3232 Microsoft Information Exposure vulnerability in Microsoft Windows Server 2012 R2

The Virtual PCI (VPCI) virtual service provider in Microsoft Windows Server 2012 Gold and R2 allows local users to obtain sensitive information from uninitialized memory locations via a crafted application, aka "Windows Virtual PCI Information Disclosure Vulnerability."

2.1
2016-06-14 CVE-2016-5238 Qemu
Canonical
Debian
Out-of-bounds Write vulnerability in multiple products

The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.

2.1
2016-06-16 CVE-2016-3230 Microsoft Improper Input Validation vulnerability in Microsoft products

The Search component in Microsoft Windows 7, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to cause a denial of service (performance degradation) via a crafted application, aka "Windows Search Component Denial of Service Vulnerability."

1.9