Weekly Vulnerabilities Reports > December 5 to 11, 2016
Overview
106 new vulnerabilities reported during this period, including 3 critical vulnerabilities and 23 high severity vulnerabilities. This weekly summary report vulnerabilities in 56 products from 35 vendors including Phpmyadmin, Qemu, Debian, Opensuse, and Linux. Vulnerabilities are notably categorized as "Information Exposure", "Improper Input Validation", "7PK - Security Features", "Missing Release of Resource after Effective Lifetime", and "Cross-site Scripting".
- 76 reported vulnerabilities are remotely exploitables.
- 3 reported vulnerabilities have public exploit available.
- 25 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 67 reported vulnerabilities are exploitable by an anonymous user.
- Phpmyadmin has the most reported vulnerabilities, with 48 reported vulnerabilities.
- Siemens has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
3 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-12-11 | CVE-2016-6629 | Phpmyadmin | 7PK - Security Features vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive. | 10.0 |
2016-12-09 | CVE-2016-9013 | Djangoproject Canonical Fedoraproject | Use of Hard-coded Credentials vulnerability in multiple products Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually specify a password in the database settings TEST dictionary. | 9.8 |
2016-12-05 | CVE-2016-9157 | Siemens | Improper Access Control vulnerability in Siemens Sicam Pas/Pqs A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Service condition and potentially lead to unauthenticated remote code execution by sending specially crafted packets to port 19234/TCP. | 9.8 |
23 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-12-11 | CVE-2016-6631 | Phpmyadmin | OS Command Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 8.5 |
2016-12-09 | CVE-2016-9014 | Fedoraproject Canonical Djangoproject | Permissions, Privileges, and Access Controls vulnerability in multiple products Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS. | 8.1 |
2016-12-09 | CVE-2016-6301 | Busybox | Resource Management Errors vulnerability in Busybox The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop. | 7.8 |
2016-12-08 | CVE-2016-9120 | Linux | Use After Free vulnerability in Linux Kernel Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by calling ION_IOC_FREE on two CPUs at the same time. | 7.8 |
2016-12-08 | CVE-2015-8967 | Google Linux | Permissions, Privileges, and Access Controls vulnerability in multiple products arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileges, by leveraging write access. | 7.8 |
2016-12-08 | CVE-2016-8655 | Linux Canonical | Use After Free vulnerability in multiple products Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions. | 7.8 |
2016-12-11 | CVE-2016-9865 | Phpmyadmin | 7PK - Security Features vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 7.5 |
2016-12-11 | CVE-2016-9849 | Phpmyadmin | Permissions, Privileges, and Access Controls vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 7.5 |
2016-12-11 | CVE-2016-6620 | Phpmyadmin | Deserialization of Untrusted Data vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 7.5 |
2016-12-09 | CVE-2016-6501 | Jfrog | Improper Input Validation vulnerability in Jfrog Artifactory JFrog Artifactory before 4.11 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning. | 7.5 |
2016-12-09 | CVE-2016-6496 | Atlassian | Improper Input Validation vulnerability in Atlassian Crowd The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x before 2.9.5 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning. | 7.5 |
2016-12-09 | CVE-2016-6321 | GNU | Path Traversal vulnerability in GNU TAR Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER. | 7.5 |
2016-12-09 | CVE-2016-6829 | Barclamp Trove Project Crowbar Openstack Project | Use of Hard-coded Credentials vulnerability in multiple products The trove service user in (1) Openstack deployment (aka crowbar-openstack) and (2) Trove Barclamp (aka barclamp-trove and crowbar-barclamp-trove) in the Crowbar Framework has a default password, which makes it easier for remote attackers to obtain access via unspecified vectors. | 7.5 |
2016-12-09 | CVE-2016-8858 | Openbsd | Resource Management Errors vulnerability in Openbsd Openssh The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. | 7.5 |
2016-12-08 | CVE-2016-9919 | Linux | Improper Input Validation vulnerability in Linux Kernel The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet. | 7.5 |
2016-12-08 | CVE-2016-9839 | Osgeo | Information Exposure vulnerability in Osgeo Mapserver In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails. | 7.5 |
2016-12-05 | CVE-2016-8740 | Apache | Resource Management Errors vulnerability in Apache Http Server The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request. | 7.5 |
2016-12-05 | CVE-2016-9836 | Joomla | Improper Access Control vulnerability in Joomla Joomla! The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the `.php6`, `.php7`, `.phtml`, and `.phpt` extensions. | 7.5 |
2016-12-05 | CVE-2016-9835 | Zikula | Command Injection vulnerability in Zikula Application Framework Directory traversal vulnerability in file "jcss.php" in Zikula 1.3.x before 1.3.11 and 1.4.x before 1.4.4 on Windows allows a remote attacker to launch a PHP object injection by uploading a serialized file. | 7.5 |
2016-12-05 | CVE-2016-9156 | Siemens | Improper Access Control vulnerability in Siemens Sicam Pas/Pqs A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/TCP. | 7.3 |
2016-12-08 | CVE-2015-8966 | Linux | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call. | 7.2 |
2016-12-08 | CVE-2016-8102 | Intel | Permissions, Privileges, and Access Controls vulnerability in Intel Wireless Bluetooth Drivers Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and before 18.1.1607.3129 allows local users to launch processes with elevated privileges. | 7.2 |
2016-12-06 | CVE-2016-5341 | Improper Access Control vulnerability in Google Android The GPS component in Android before 2016-12-05 allows man-in-the-middle attackers to cause a denial of service (GPS signal-acquisition delay) via an incorrect xtra.bin or xtra2.bin file on a spoofed Qualcomm gpsonextra.net or izatcloud.net host, aka internal bug 31470303 and external bug 211602 (and AndroidID-7225554). | 7.1 |
74 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-12-11 | CVE-2016-9866 | Phpmyadmin | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 6.8 |
2016-12-11 | CVE-2016-6633 | Phpmyadmin | Remote Code Execution vulnerability in phpMyAdmin An issue was discovered in phpMyAdmin. | 6.8 |
2016-12-11 | CVE-2016-6628 | Phpmyadmin | 7PK - Security Features vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 6.8 |
2016-12-11 | CVE-2016-6617 | Phpmyadmin | SQL Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 6.8 |
2016-12-11 | CVE-2016-6616 | Phpmyadmin | SQL Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 6.8 |
2016-12-09 | CVE-2015-8786 | Oracle Pivotal Software | Resource Management Errors vulnerability in multiple products The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2) lengths_incr parameter. | 6.8 |
2016-12-08 | CVE-2016-8103 | Intel | Permissions, Privileges, and Access Controls vulnerability in Intel products SMM call out in all Intel Branded NUC Kits allows a local privileged user to access the System Management Mode and take full control of the platform. | 6.8 |
2016-12-05 | CVE-2016-7171 | Netapp | Improper Certificate Validation vulnerability in Netapp Plug-In NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation. | 6.8 |
2016-12-11 | CVE-2016-6619 | Phpmyadmin | SQL Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 6.5 |
2016-12-11 | CVE-2016-6609 | Phpmyadmin | Command Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 6.5 |
2016-12-10 | CVE-2016-9832 | PWC | Injection vulnerability in PWC Ace-Advanced Business Application Programming 8.10.304 PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via (1) SAPGUI or (2) Internet Communication Framework (ICF) over HTTP or HTTPS, as demonstrated by WEBGUI or Report. | 6.5 |
2016-12-09 | CVE-2016-5423 | Debian Postgresql | NULL Pointer Dereference vulnerability in multiple products PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types. | 6.5 |
2016-12-11 | CVE-2016-9864 | Phpmyadmin | SQL Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 6.0 |
2016-12-10 | CVE-2016-7995 | Qemu Opensuse | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of crafted buffer page select (PG) indexes. | 6.0 |
2016-12-10 | CVE-2016-7466 | Qemu Opensuse Redhat | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device. | 6.0 |
2016-12-10 | CVE-2016-7422 | Qemu Opensuse Redhat | Classic Buffer Overflow vulnerability in multiple products The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value. | 6.0 |
2016-12-10 | CVE-2016-7116 | Qemu Debian | Path Traversal vulnerability in multiple products Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. | 6.0 |
2016-12-10 | CVE-2016-6836 | Qemu Debian | Improper Initialization vulnerability in multiple products The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object. | 6.0 |
2016-12-10 | CVE-2016-6835 | Qemu Redhat Debian | The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length. | 6.0 |
2016-12-10 | CVE-2016-4964 | Qemu | Unspecified vulnerability in Qemu The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU process crash) via vectors involving s->state. | 6.0 |
2016-12-09 | CVE-2016-9106 | Qemu Opensuse Debian | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector. | 6.0 |
2016-12-09 | CVE-2016-9105 | Qemu Opensuse Debian | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object. | 6.0 |
2016-12-09 | CVE-2016-9103 | Qemu Debian | Information Exposure vulnerability in multiple products The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them. | 6.0 |
2016-12-09 | CVE-2016-9102 | Qemu Debian | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a large number of Txattrcreate messages with the same fid number. | 6.0 |
2016-12-08 | CVE-2016-9920 | Roundcube | Improper Access Control vulnerability in Roundcube Webmail steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2.3, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom envelope-from addresses on the sendmail command line, which allows remote authenticated users to execute arbitrary code via a modified HTTP request that sends a crafted e-mail message. | 6.0 |
2016-12-11 | CVE-2016-6626 | Phpmyadmin | 7PK - Security Features vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.8 |
2016-12-06 | CVE-2015-8870 | Libtiff | Improper Input Validation vulnerability in Libtiff Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file. | 5.8 |
2016-12-11 | CVE-2016-6611 | Phpmyadmin | SQL Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.1 |
2016-12-11 | CVE-2016-9863 | Phpmyadmin | Improper Input Validation vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-9862 | Phpmyadmin | Code Injection vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-9861 | Phpmyadmin | 7PK - Security Features vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-9859 | Phpmyadmin | Improper Input Validation vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-9858 | Phpmyadmin | Improper Input Validation vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-9855 | Phpmyadmin | Information Exposure vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-9854 | Phpmyadmin | Information Exposure vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-9853 | Phpmyadmin | Information Exposure vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-9852 | Phpmyadmin | Information Exposure vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-9851 | Phpmyadmin | 7PK - Security Features vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-9850 | Phpmyadmin | 7PK - Security Features vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-9848 | Phpmyadmin | Information Exposure vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-9847 | Phpmyadmin | Cryptographic Issues vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-6627 | Phpmyadmin | Information Exposure vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 5.0 |
2016-12-11 | CVE-2016-6606 | Phpmyadmin | Information Exposure vulnerability in PHPmyadmin An issue was discovered in cookie encryption in phpMyAdmin. | 5.0 |
2016-12-08 | CVE-2016-9918 | Bluez Project | Out-of-bounds Read vulnerability in Bluez Project Bluez 5.42 In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. | 5.0 |
2016-12-08 | CVE-2016-9917 | Bluez | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez 5.42 In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. | 5.0 |
2016-12-09 | CVE-2016-5424 | Debian Postgresql | Code Injection vulnerability in multiple products PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation. | 4.6 |
2016-12-10 | CVE-2016-7421 | Qemu Debian | Excessive Iteration vulnerability in multiple products The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit process IO loop to the ring size. | 4.4 |
2016-12-10 | CVE-2016-7170 | Qemu Debian Opensuse | Improper Validation of Array Index vulnerability in multiple products The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to cursor.mask[] and cursor.image[] array sizes when processing a DEFINE_CURSOR svga command. | 4.4 |
2016-12-10 | CVE-2016-7157 | Qemu | Unspecified vulnerability in Qemu The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 functions in hw/scsi/mptconfig.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via vectors involving MPTSAS_CONFIG_PACK. | 4.4 |
2016-12-10 | CVE-2016-7156 | Qemu Debian | Incorrect Type Conversion or Cast vulnerability in multiple products The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging an incorrect cast. | 4.4 |
2016-12-10 | CVE-2016-7155 | Qemu Debian | hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page count for descriptor rings. | 4.4 |
2016-12-10 | CVE-2016-6888 | Qemu Debian Redhat | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference. | 4.4 |
2016-12-10 | CVE-2016-6834 | Qemu Debian | Classic Buffer Overflow vulnerability in multiple products The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length. | 4.4 |
2016-12-10 | CVE-2016-6833 | Qemu Debian | Use After Free vulnerability in multiple products Use-after-free vulnerability in the vmxnet3_io_bar0_write function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU instance crash) by leveraging failure to check if the device is active. | 4.4 |
2016-12-10 | CVE-2016-6490 | Qemu | Classic Buffer Overflow vulnerability in Qemu The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the descriptor buffer. | 4.4 |
2016-12-11 | CVE-2016-9860 | Phpmyadmin | Improper Input Validation vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 4.3 |
2016-12-11 | CVE-2016-9857 | Phpmyadmin | Cross-site Scripting vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 4.3 |
2016-12-11 | CVE-2016-9856 | Phpmyadmin | Cross-site Scripting vulnerability in PHPmyadmin An XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10. | 4.3 |
2016-12-11 | CVE-2016-6632 | Phpmyadmin | Resource Management Errors vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin where, under certain conditions, phpMyAdmin may not delete temporary files during the import of ESRI files. | 4.3 |
2016-12-11 | CVE-2016-6624 | Phpmyadmin | 7PK - Security Features vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. | 4.3 |
2016-12-11 | CVE-2016-6622 | Phpmyadmin | Resource Management Errors vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 4.3 |
2016-12-11 | CVE-2016-6615 | Phpmyadmin | Cross-site Scripting vulnerability in PHPmyadmin XSS issues were discovered in phpMyAdmin. | 4.3 |
2016-12-11 | CVE-2016-6614 | Phpmyadmin | Path Traversal vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. | 4.3 |
2016-12-11 | CVE-2016-6608 | Phpmyadmin | Cross-site Scripting vulnerability in PHPmyadmin XSS issues were discovered in phpMyAdmin. | 4.3 |
2016-12-11 | CVE-2016-6607 | Phpmyadmin | Cross-site Scripting vulnerability in PHPmyadmin XSS issues were discovered in phpMyAdmin. | 4.3 |
2016-12-09 | CVE-2016-6523 | Dotclear | Cross-site Scripting vulnerability in Dotclear Multiple cross-site scripting (XSS) vulnerabilities in the media manager in Dotclear before 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) q or (2) link_type parameter to admin/media.php. | 4.3 |
2016-12-08 | CVE-2016-9888 | Gnome | NULL Pointer Dereference vulnerability in Gnome Libgsf An error within the "tar_directory_for_file()" function (gsf-infile-tar.c) in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file. | 4.3 |
2016-12-05 | CVE-2016-9152 | Spip | Cross-site Scripting vulnerability in Spip 3.1.3 Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in SPIP 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the rac parameter. | 4.3 |
2016-12-11 | CVE-2016-6630 | Phpmyadmin | Improper Input Validation vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 4.0 |
2016-12-11 | CVE-2016-6625 | Phpmyadmin | Information Exposure vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 4.0 |
2016-12-11 | CVE-2016-6623 | Phpmyadmin | Improper Input Validation vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 4.0 |
2016-12-11 | CVE-2016-6618 | Phpmyadmin | Denial of Service vulnerability in phpMyAdmin An issue was discovered in phpMyAdmin. | 4.0 |
2016-12-11 | CVE-2016-6612 | Phpmyadmin | Information Exposure vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 4.0 |
2016-12-11 | CVE-2016-6610 | Phpmyadmin | Information Exposure vulnerability in PHPmyadmin A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. | 4.0 |
6 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2016-12-11 | CVE-2016-4412 | Phpmyadmin | 7PK - Security Features vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 3.6 |
2016-12-11 | CVE-2016-6613 | Phpmyadmin | Information Exposure vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 2.1 |
2016-12-10 | CVE-2016-7994 | Qemu Opensuse | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the virtio_gpu_resource_create_2d function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_CREATE_2D commands. | 2.1 |
2016-12-09 | CVE-2016-9104 | Qemu Debian Opensuse | Integer Overflow or Wraparound vulnerability in multiple products Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which triggers an out-of-bounds access. | 2.1 |
2016-12-09 | CVE-2016-9101 | Qemu Opensuse Debian | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device. | 2.1 |
2016-12-08 | CVE-2016-8104 | Intel | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Proset/Wireless Software and Drivers Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service. | 2.1 |