Weekly Vulnerabilities Reports > January 16 to 22, 2017
Overview
135 new vulnerabilities were reported during this period, including 3 critical vulnerabilities and 26 high severity vulnerabilities. This weekly summary reports vulnerabilities in 69 products from 48 vendors including Google, Zimbra, Synacor, Moodle, and Libtiff. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", "Use After Free", and "Information Exposure".
- 125 reported vulnerabilities are remotely exploitable.
- 12 reported vulnerabilities have a public exploit available.
- 42 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 122 reported vulnerabilities are exploitable by an anonymous user.
- Google has the most reported vulnerabilities, with 33 reported vulnerabilities.
- Samsung has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
Vulnerability Details
The following tables list the vulnerabilities reported for the period covered by this report:
3 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-01-18 | CVE-2016-6527 | Samsung | Permissions, Privileges, and Access Controls vulnerability in Samsung Mobile 5.0/5.1/6.0 The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | 9.3 |
2017-01-18 | CVE-2016-6526 | Samsung | Permissions, Privileges, and Access Controls vulnerability in Samsung Mobile 5.0/5.1/6.0 The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | 9.3 |
2017-01-18 | CVE-2014-9909 | Google | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 9.3 |
26 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-01-19 | CVE-2016-7545 | Selinux Project Fedoraproject Redhat | Improper Access Control vulnerability in multiple products SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. | 8.8 |
2017-01-19 | CVE-2016-5213 | Google | Use After Free vulnerability in Google Chrome A use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2017-01-19 | CVE-2016-5211 | Google | Use After Free vulnerability in Google Chrome A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |
2017-01-19 | CVE-2016-5210 | Google | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow during TIFF image parsing in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |
2017-01-19 | CVE-2016-5209 | Google | Out-of-bounds Write vulnerability in Google Chrome Bad casting in bitmap manipulation in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2017-01-19 | CVE-2016-5206 | Google | Improper Access Control vulnerability in Google Chrome The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly followed redirects, which allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page. | 8.8 |
2017-01-19 | CVE-2016-5203 | Google | Use After Free vulnerability in Google Chrome A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |
2017-01-19 | CVE-2016-5200 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android incorrectly applied type rules, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2017-01-19 | CVE-2016-5199 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file. | 8.8 |
2017-01-19 | CVE-2016-5198 | Google Redhat | Out-of-bounds Write vulnerability in multiple products V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page. | 8.8 |
2017-01-19 | CVE-2016-5197 | Google | Improper Input Validation vulnerability in Google Chrome The content view client in Google Chrome prior to 54.0.2840.85 for Android insufficiently validated intent URLs, which allowed a remote attacker who had compromised the renderer process to start arbitrary activity on the system via a crafted HTML page. | 8.8 |
2017-01-19 | CVE-2016-5196 | Google | 7PK - Security Features vulnerability in Google Chrome The content renderer client in Google Chrome prior to 54.0.2840.85 for Android insufficiently enforced the Same Origin Policy amongst downloaded files, which allowed a remote attacker to access any downloaded file and interact with sites, including those the user was logged into, via a crafted HTML page. | 8.8 |
2017-01-19 | CVE-2016-7543 | GNU Fedoraproject | Improper Input Validation vulnerability in multiple products Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables. | 8.4 |
2017-01-17 | CVE-2017-5521 | Netgear | Unspecified vulnerability in Netgear products An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. | 8.1 |
2017-01-18 | CVE-2014-9910 | Google | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-01-20 | CVE-2017-5543 | Intelliants | Code Injection vulnerability in Intelliants Subrion 4.0.5 includes/classes/ia.core.users.php in Subrion CMS 4.0.5 allows remote attackers to conduct PHP Object Injection attacks via crafted serialized data in a salt cookie in a login request. | 7.5 |
2017-01-19 | CVE-2016-7794 | Sociomantic | Improper Access Control vulnerability in Sociomantic Git-Hub sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository name. | 7.5 |
2017-01-19 | CVE-2015-8212 | Netbsd | Improper Input Validation vulnerability in Netbsd CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program. | 7.5 |
2017-01-18 | CVE-2016-9679 | Citrix | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Citrix Provisioning Services Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code by overwriting a function pointer. | 7.5 |
2017-01-18 | CVE-2016-9678 | Citrix | Use After Free vulnerability in Citrix Provisioning Services Use-after-free vulnerability in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors. | 7.5 |
2017-01-18 | CVE-2016-9676 | Citrix | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Citrix Provisioning Services Buffer overflow in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors. | 7.5 |
2017-01-18 | CVE-2016-7996 | Graphicsmagick | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries. | 7.5 |
2017-01-17 | CVE-2017-5519 | Metalgenix | SQL Injection vulnerability in Metalgenix Genixcms SQL injection vulnerability in Posts.class.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2017-01-17 | CVE-2017-5517 | Metalgenix | SQL Injection vulnerability in Metalgenix Genixcms SQL injection vulnerability in author.control.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL commands via the type parameter. | 7.5 |
2017-01-20 | CVE-2016-6253 | Netbsd | Link Following vulnerability in Netbsd mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox. | 7.2 |
2017-01-19 | CVE-2016-9016 | Firejail Project | Improper Access Control vulnerability in Firejail Project Firejail 0.9.38.4 Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. | 7.2 |
101 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-01-19 | CVE-2016-7793 | Sociomantic | Improper Access Control vulnerability in Sociomantic Git-Hub sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository URL. | 6.8 |
2017-01-18 | CVE-2016-3406 | Zimbra Synacor | Cross-Site Request Forgery (CSRF) vulnerability in Synacor Zimbra Collaboration Suite Multiple cross-site request forgery (CSRF) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to hijack the authentication of unspecified victims via vectors involving (1) the Client uploader extension or (2) extension REST handlers, aka bugs 104294 and 104456. | 6.8 |
2017-01-18 | CVE-2016-7980 | Spip | Cross-Site Request Forgery (CSRF) vulnerability in Spip Cross-site request forgery (CSRF) vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that execute the XML validator on a local file via a crafted valider_xml request. | 6.8 |
2017-01-18 | CVE-2016-7144 | Unrealircd | Improper Authentication vulnerability in Unrealircd The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter. | 6.8 |
2017-01-18 | CVE-2016-2087 | Hexchat Project | Path Traversal vulnerability in Hexchat Project Hexchat 2.11.0 Directory traversal vulnerability in the client in HexChat 2.11.0 allows remote IRC servers to read or modify arbitrary files via a .. | 6.8 |
2017-01-20 | CVE-2016-9436 | Opensuse Project Opensuse Tats | Improper Input Validation vulnerability in multiple products parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag. | 6.5 |
2017-01-20 | CVE-2016-9435 | Opensuse Project Opensuse Tats | Improper Input Validation vulnerability in multiple products The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags. | 6.5 |
2017-01-19 | CVE-2016-5223 | Google | Integer Overflow or Wraparound vulnerability in Google Chrome Integer overflow in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption or DoS via a crafted PDF file. | 6.5 |
2017-01-19 | CVE-2016-5222 | Google | Improper Input Validation vulnerability in Google Chrome Incorrect handling of invalid URLs in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 6.5 |
2017-01-19 | CVE-2016-5220 | Google | Information Exposure vulnerability in Google Chrome PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to read local files via a crafted PDF file. | 6.5 |
2017-01-19 | CVE-2016-5218 | Google | Improper Input Validation vulnerability in Google Chrome The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox (URL bar) via a crafted HTML page containing PDF data. | 6.5 |
2017-01-19 | CVE-2016-5217 | Google | Improper Access Control vulnerability in Google Chrome The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page. | 6.5 |
2017-01-19 | CVE-2016-5212 | Google | Information Exposure vulnerability in Google Chrome Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android insufficiently sanitized DevTools URLs, which allowed a remote attacker to read local files via a crafted HTML page. | 6.5 |
2017-01-19 | CVE-2016-5201 | Google | Information Exposure vulnerability in Google Chrome A leak of privateClass in the extensions API in Google Chrome prior to 54.0.2840.100 for Linux, and 54.0.2840.99 for Windows, and 54.0.2840.98 for Mac allowed a remote attacker to access privileged JavaScript code via a crafted HTML page. | 6.5 |
2017-01-18 | CVE-2016-7998 | Spip | Improper Input Validation vulnerability in Spip The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted (1) INCLUDE or (2) INCLURE tag and then accessing it with a valider_xml action. | 6.5 |
2017-01-17 | CVE-2017-5520 | Metalgenix | Unrestricted Upload of File with Dangerous Type vulnerability in Metalgenix Genixcms The media rename feature in GeniXCMS through 0.0.8 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to rename and execute files with the `.php6`, `.php7` and `.phtml` extensions. | 6.5 |
2017-01-21 | CVE-2017-5545 | Libimobiledevice | Out-of-bounds Read vulnerability in Libimobiledevice Libplist The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short. | 6.4 |
2017-01-18 | CVE-2016-3415 | Zimbra Synacor | Deserialization of Untrusted Data vulnerability in Synacor Zimbra Collaboration Suite Zimbra Collaboration before 8.7.0 allows remote attackers to conduct deserialization attacks via unspecified vectors, aka bug 102276. | 6.4 |
2017-01-18 | CVE-2016-9584 | Libical Project | Use After Free vulnerability in Libical Project Libical 2.0 libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file. | 6.4 |
2017-01-19 | CVE-2016-5221 | Google | Integer Overflow or Wraparound vulnerability in Google Chrome Type confusion in libGLESv2 in ANGLE in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android possibly allowed a remote attacker to bypass buffer validation via a crafted HTML page. | 6.3 |
2017-01-19 | CVE-2016-5219 | Google | Use After Free vulnerability in Google Chrome A heap use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.3 |
2017-01-19 | CVE-2016-5216 | Google | Use After Free vulnerability in Google Chrome A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. | 6.3 |
2017-01-19 | CVE-2016-5215 | Google | Use After Free vulnerability in Google Chrome A use after free in webaudio in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 6.3 |
2017-01-19 | CVE-2016-5226 | Google | Cross-site Scripting vulnerability in Google Chrome Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac executed javascript: URLs entered in the URL bar in the context of the current tab, which allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar. | 6.1 |
2017-01-19 | CVE-2016-5208 | Google | Cross-site Scripting vulnerability in Google Chrome Blink in Google Chrome prior to 55.0.2883.75 for Linux and Windows, and 55.0.2883.84 for Android allowed possible corruption of the DOM tree during synchronous event handling, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. | 6.1 |
2017-01-19 | CVE-2016-5207 | Google | Cross-site Scripting vulnerability in Google Chrome In Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android, corruption of the DOM tree could occur during the removal of a full screen element, which allowed a remote attacker to achieve arbitrary code execution via a crafted HTML page. | 6.1 |
2017-01-19 | CVE-2016-5205 | Google | Cross-site Scripting vulnerability in Google Chrome Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac, incorrectly handles deferred page loads, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. | 6.1 |
2017-01-19 | CVE-2016-5204 | Google | Cross-site Scripting vulnerability in Google Chrome Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. | 6.1 |
2017-01-16 | CVE-2016-7904 | Cmsmadesimple | Cross-Site Request Forgery (CSRF) vulnerability in Cmsmadesimple CMS Made Simple Cross-site request forgery (CSRF) vulnerability in CMS Made Simple before 2.1.6 allows remote attackers to hijack the authentication of administrators for requests that create accounts via an admin/adduser.php request. | 6.0 |
2017-01-20 | CVE-2016-5014 | Moodle | Information Exposure vulnerability in Moodle In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course. | 5.8 |
2017-01-20 | CVE-2016-5013 | Moodle | Injection vulnerability in Moodle In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam. | 5.8 |
2017-01-18 | CVE-2016-10086 | CA IBM Linux Microsoft Oracle | Permissions, Privileges, and Access Controls vulnerability in CA Service Desk Management and Service Desk Manager RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request. | 5.5 |
2017-01-18 | CVE-2016-6896 | Wordpress | Path Traversal vulnerability in Wordpress 4.5.3 Directory traversal vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress 4.5.3 allows remote authenticated users to cause a denial of service or read certain text files via a .. | 5.5 |
2017-01-18 | CVE-2016-10147 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5). | 5.5 |
2017-01-20 | CVE-2016-5323 | Libtiff Opensuse | Divide By Zero vulnerability in multiple products The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image. | 5.0 |
2017-01-20 | CVE-2014-9755 | Viprinet | Improper Input Validation vulnerability in Viprinet Multichannel VPN Router 300 Firmware 2013070830/2013080900 The hardware VPN client in Viprinet MultichannelVPN Router 300 version 2013070830/2013080900 does not validate the remote VPN endpoint identity (through the checking of the endpoint's SSL key) before initiating the exchange, which allows remote attackers to perform a replay attack. | 5.0 |
2017-01-20 | CVE-2017-5541 | Getsymphony | Path Traversal vulnerability in Getsymphony Symphony Directory traversal vulnerability in template/usererror.missing_extension.php in Symphony CMS before 2.6.10 allows remote attackers to rename arbitrary files via a .. | 5.0 |
2017-01-20 | CVE-2017-2576 | Moodle | Improper Input Validation vulnerability in Moodle In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums. | 5.0 |
2017-01-20 | CVE-2016-8644 | Moodle | Permissions, Privileges, and Access Controls vulnerability in Moodle In Moodle 2.x and 3.x, the capability to view course notes is checked in the wrong context. | 5.0 |
2017-01-20 | CVE-2016-8642 | Moodle | Improper Access Control vulnerability in Moodle In Moodle 2.x and 3.x, the question engine allows access to files that should not be available. | 5.0 |
2017-01-20 | CVE-2016-7038 | Moodle | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Moodle In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed. | 5.0 |
2017-01-20 | CVE-2016-5012 | Moodle | Information Exposure vulnerability in Moodle 3.1.0 In Moodle 3.x, glossary search displays entries without checking user permissions to view them. | 5.0 |
2017-01-20 | CVE-2016-10143 | Tiki | Information Exposure vulnerability in Tiki Tikiwiki Cms/Groupware 15.2 A vulnerability in Tiki Wiki CMS 15.2 could allow a remote attacker to read arbitrary files on a targeted system via a crafted pathname in a banner URL field. | 5.0 |
2017-01-18 | CVE-2016-9680 | Citrix | Information Exposure vulnerability in Citrix Provisioning Services Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive information from kernel memory via unspecified vectors. | 5.0 |
2017-01-18 | CVE-2016-9677 | Citrix | Information Exposure vulnerability in Citrix Provisioning Services Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive kernel address information via unspecified vectors. | 5.0 |
2017-01-18 | CVE-2016-6497 | Apache | 7PK - Security Features vulnerability in Apache Groovy Ldap main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP API in Apache allows attackers to conduct LDAP entry poisoning attacks by leveraging setting returnObjFlag to true for all search methods. | 5.0 |
2017-01-18 | CVE-2016-6271 | Bzrtp Project | 7PK - Security Features vulnerability in Bzrtp Project Bzrtp 1.0.0/1.0.2/1.0.3 The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception. | 5.0 |
2017-01-18 | CVE-2016-3413 | Zimbra Synacor | Security vulnerability in Synacor Zimbra Collaboration Suite Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 103996. | 5.0 |
2017-01-18 | CVE-2016-3405 | Zimbra Synacor | Security vulnerability in Synacor Zimbra Collaboration Suite Multiple unspecified vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to affect integrity via unknown vectors, aka bugs 103961 and 104828. | 5.0 |
2017-01-18 | CVE-2016-3404 | Zimbra Synacor | Security vulnerability in Synacor Zimbra Collaboration Suite Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 103959. | 5.0 |
2017-01-18 | CVE-2016-3402 | Zimbra Synacor | Security vulnerability in Synacor Zimbra Collaboration Suite Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect confidentiality via unknown vectors, aka bug 99167. | 5.0 |
2017-01-18 | CVE-2016-9297 | Libtiff | Out-of-bounds Read vulnerability in Libtiff 4.0.6 The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values. | 5.0 |
2017-01-18 | CVE-2016-9279 | Samsung | Use After Free vulnerability in Samsung Exynos Fimg2D Driver Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2017-01-18 | CVE-2016-9109 | Artifex | Out-of-bounds Read vulnerability in Artifex Mujs Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to incomplete escape sequences. | 5.0 |
2017-01-18 | CVE-2016-7997 | Graphicsmagick | NULL Pointer Dereference vulnerability in Graphicsmagick The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer. | 5.0 |
2017-01-18 | CVE-2016-7982 | Spip | Path Traversal vulnerability in Spip Directory traversal vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to enumerate the files on the system via the var_url parameter in a valider_xml action. | 5.0 |
2017-01-18 | CVE-2016-7564 | Artifex | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Mujs Heap-based buffer overflow in the Fp_toString function in jsfunction.c in Artifex Software MuJS allows attackers to cause a denial of service (crash) via crafted input. | 5.0 |
2017-01-18 | CVE-2016-7563 | Artifex | Out-of-bounds Read vulnerability in Artifex Mujs The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via a * (asterisk) at the end of the input. | 5.0 |
2017-01-18 | CVE-2016-6823 | Imagemagick | Integer Overflow or Wraparound vulnerability in Imagemagick Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write. | 5.0 |
2017-01-18 | CVE-2016-2233 | Hexchat Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hexchat Project Hexchat 2.10.2 Stack-based buffer overflow in the inbound_cap_ls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service (crash) via a large number of options in a CAP LS message. | 5.0 |
2017-01-18 | CVE-2016-9278 | Samsung | Improper Input Validation vulnerability in Samsung Exynos Fimg2D Driver The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. | 4.9 |
2017-01-19 | CVE-2016-10075 | Tqdm Project | Code vulnerability in Tqdm Project Tqdm 4.10/4.4.1 The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local users to execute arbitrary code via a crafted repo with a malicious git log in the current working directory. | 4.6 |
2017-01-20 | CVE-2016-5321 | Opensuse Libtiff | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image. | 4.3 |
2017-01-20 | CVE-2016-5319 | Libtiff | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file. | 4.3 |
2017-01-20 | CVE-2016-5318 | Libtiff | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libtiff Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff. | 4.3 |
2017-01-20 | CVE-2016-5317 | Libtiff Opensuse Opensuse Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file. | 4.3 |
2017-01-20 | CVE-2016-5316 | Libtiff Opensuse Opensuse Project | Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool. | 4.3 |
2017-01-20 | CVE-2014-9754 | Viprinet | Improper Input Validation vulnerability in Viprinet Multichannel VPN Router 300 Firmware 2013070830/2013080900 The hardware VPN client in Viprinet MultichannelVPN Router 300 version 2013070830/2013080900 does not validate the remote VPN endpoint identity (through the checking of the endpoint's SSL key) before initiating the exchange, which allows an attacker to perform a Man in the Middle attack. | 4.3 |
2017-01-20 | CVE-2014-2045 | Viprinet | Cross-site Scripting vulnerability in Viprinet Multichannel VPN Router 300 Firmware 2013070830/2013080900 Multiple cross-site scripting (XSS) vulnerabilities in the old and new interfaces in Viprinet Multichannel VPN Router 300 allow remote attackers to inject arbitrary web script or HTML via the username when (1) logging in or (2) creating an account in the old interface, (3) username when creating an account in the new interface, (4) hostname in the old interface, (5) inspect parameter in the config module, (6) commands parameter in the atcommands tool, or (7) host parameter in the ping tool. | 4.3 |
2017-01-20 | CVE-2017-5542 | Getsymphony | Cross-site Scripting vulnerability in Getsymphony Symphony Cross-site scripting (XSS) vulnerability in template/usererror.missing_extension.php in Symphony CMS before 2.6.10 allows remote attackers to inject arbitrary web script or HTML via the existing-folder parameter. | 4.3 |
2017-01-20 | CVE-2017-2578 | Moodle | Cross-site Scripting vulnerability in Moodle In Moodle 3.x, there is XSS in the assignment submission page. | 4.3 |
2017-01-19 | CVE-2016-5725 | Jcraft | Path Traversal vulnerability in Jcraft Jsch Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command. | 4.3 |
2017-01-19 | CVE-2016-9650 | Google | Data Processing Errors vulnerability in Google Chrome Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled iframes, which allowed a remote attacker to bypass a no-referrer policy via a crafted HTML page. | 4.3 |
2017-01-19 | CVE-2016-5225 | Google | Data Processing Errors vulnerability in Google Chrome Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled form actions, which allowed a remote attacker to bypass Content Security Policy via a crafted HTML page. | 4.3 |
2017-01-19 | CVE-2016-5224 | Google | Numeric Errors vulnerability in Google Chrome A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page. | 4.3 |
2017-01-19 | CVE-2016-5214 | Google | Data Processing Errors vulnerability in Google Chrome Google Chrome prior to 55.0.2883.75 for Windows mishandled downloaded files, which allowed a remote attacker to prevent the downloaded file from receiving the Mark of the Web via a crafted HTML page. | 4.3 |
2017-01-18 | CVE-2016-6283 | Atlassian | Cross-site Scripting vulnerability in Atlassian Confluence Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.10.6 allows remote attackers to inject arbitrary web script or HTML via the newFileName parameter to pages/doeditattachment.action. | 4.3 |
2017-01-18 | CVE-2016-4019 | Zimbra Synacor | Security vulnerability in Synacor Zimbra Collaboration Suite Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 104477. | 4.3 |
2017-01-18 | CVE-2016-3999 | Zimbra Synacor | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 104552 and 104703. | 4.3 |
2017-01-18 | CVE-2016-3412 | Zimbra Synacor | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 103997, 104413, 104414, 104777, and 104791. | 4.3 |
2017-01-18 | CVE-2016-3411 | Zimbra Synacor | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 103609. | 4.3 |
2017-01-18 | CVE-2016-3410 | Zimbra Synacor | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 103956, 103995, 104475, 104838, and 104839. | 4.3 |
2017-01-18 | CVE-2016-3409 | Zimbra Synacor | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 102637. | 4.3 |
2017-01-18 | CVE-2016-3408 | Zimbra Synacor | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 101813. | 4.3 |
2017-01-18 | CVE-2016-3407 | Zimbra Synacor | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 104222, 104910, 105071, and 105175. | 4.3 |
2017-01-18 | CVE-2016-6897 | Wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Wordpress Cross-site request forgery (CSRF) vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 allows remote attackers to hijack the authentication of subscribers for /dev/random read operations by leveraging a late call to the check_ajax_referer function, a related issue to CVE-2016-6896. | 4.3 |
2017-01-18 | CVE-2016-9273 | Libtiff | Out-of-bounds Read vulnerability in Libtiff 4.0.6 tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode. | 4.3 |
2017-01-18 | CVE-2016-7999 | Spip | Server-Side Request Forgery (SSRF) vulnerability in Spip ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to conduct server side request forgery (SSRF) attacks via a URL in the var_url parameter in a valider_xml action. | 4.3 |
2017-01-18 | CVE-2016-7981 | Spip | Cross-site Scripting vulnerability in Spip Cross-site scripting (XSS) vulnerability in valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action. | 4.3 |
2017-01-18 | CVE-2016-7906 | Imagemagick | Use After Free vulnerability in Imagemagick 7.0.3-2 magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file. | 4.3 |
2017-01-18 | CVE-2016-7799 | Imagemagick Debian | Out-of-bounds Read vulnerability in multiple products MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | 4.3 |
2017-01-18 | CVE-2016-7149 | B2Evolution | Cross-site Scripting vulnerability in B2Evolution Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function. | 4.3 |
2017-01-18 | CVE-2016-7101 | Imagemagick | Out-of-bounds Read vulnerability in Imagemagick The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file. | 4.3 |
2017-01-18 | CVE-2015-8684 | Exponentcms | Cross-site Scripting vulnerability in Exponentcms Exponent CMS Exponent CMS before 2.3.7 does not properly restrict the types of files that can be uploaded, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly have other unspecified impact as demonstrated by uploading a file with an .html extension, then accessing it via the elFinder functionality. | 4.3 |
2017-01-18 | CVE-2015-8667 | Exponentcms | Cross-site Scripting vulnerability in Exponentcms Exponent CMS Cross-site scripting (XSS) vulnerability in Reset Your Password module in Exponent CMS before 2.3.5 allows remote attackers to inject arbitrary web script or HTML via the Username/Email. | 4.3 |
2017-01-17 | CVE-2017-5518 | Metalgenix | Server-Side Request Forgery (SSRF) vulnerability in Metalgenix Genixcms The media-file upload feature in GeniXCMS through 0.0.8 allows remote attackers to conduct SSRF attacks via a URL, as demonstrated by a URL with an intranet IP address. | 4.3 |
2017-01-17 | CVE-2017-5516 | Metalgenix | Cross-site Scripting vulnerability in Metalgenix Genixcms Multiple cross-site scripting (XSS) vulnerabilities in the user forms in GeniXCMS through 0.0.8 allow remote attackers to inject arbitrary web script or HTML via crafted parameters. | 4.3 |
2017-01-20 | CVE-2016-8643 | Moodle | Improper Access Control vulnerability in Moodle In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services. | 4.0 |
2017-01-18 | CVE-2016-3414 | Zimbra Synacor | Security vulnerability in Synacor Zimbra Collaboration Suite Unspecified vulnerability in Zimbra Collaboration before 8.6.0 Patch 7 allows remote authenticated users to affect availability via unknown vectors, aka bug 102029. | 4.0 |
2017-01-18 | CVE-2016-3401 | Zimbra Synacor | Security vulnerability in Synacor Zimbra Collaboration Suite Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote authenticated users to affect integrity via unknown vectors, aka bug 99810. | 4.0 |
2017-01-18 | CVE-2016-10148 | Wordpress | Improper Access Control vulnerability in Wordpress The wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 makes a get_plugin_data call before checking the update_plugins capability, which allows remote authenticated users to bypass intended read-access restrictions via the plugin parameter to wp-admin/admin-ajax.php, a related issue to CVE-2016-6896. | 4.0 |
5 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2017-01-18 | CVE-2016-7150 | B2Evolution | Cross-site Scripting vulnerability in B2Evolution Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the site name. | 3.5 |
2017-01-17 | CVE-2017-5515 | Metalgenix | Cross-site Scripting vulnerability in Metalgenix Genixcms Cross-site scripting (XSS) vulnerability in the user prompt function in GeniXCMS through 0.0.8 allows remote authenticated users to inject arbitrary web script or HTML via tag names. | 3.5 |
2017-01-18 | CVE-2016-9844 | Unzip Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Unzip Project Unzip 6.0 Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header. | 2.1 |
2017-01-18 | CVE-2014-9913 | Unzip Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Unzip Project Unzip 6.0 Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method. | 2.1 |
2017-01-16 | CVE-2017-5223 | Phpmailer Project | Information Exposure vulnerability in PHPmailer Project PHPmailer An issue was discovered in PHPMailer before 5.2.22. | 2.1 |