Weekly Vulnerabilities Reports > February 6 to 12, 2017

Overview

219 new vulnerabilities reported during this period, including 21 critical vulnerabilities and 63 high severity vulnerabilities. This weekly summary report vulnerabilities in 151 products from 82 vendors including Google, Linux, IBM, Gstreamer Project, and Debian. Vulnerabilities are notably categorized as "Information Exposure", "Cross-site Scripting", "Improper Input Validation", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Out-of-bounds Read".

  • 181 reported vulnerabilities are remotely exploitables.
  • 11 reported vulnerabilities have public exploit available.
  • 46 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 200 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 55 reported vulnerabilities.
  • Google has the most reported critical vulnerabilities, with 17 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

21 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-02-09 CVE-2015-6024 Netcommwireless Command Injection vulnerability in Netcommwireless Hspa 3G10Wve Firmware 3G10Wvel101S306Etsc01R03

ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the DIA_IPADDRESS parameter.

10.0
2017-02-08 CVE-2016-8418 Google Improper Access Control vulnerability in Google Android

A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel.

10.0
2017-02-06 CVE-2016-10150 Linux Use After Free vulnerability in Linux Kernel

Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device.

10.0
2017-02-08 CVE-2017-0450 Google Privilege Escalation vulnerability in Google Nexus Audioserver

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process.

9.3
2017-02-08 CVE-2017-0430 Google
Linux
Privilege Escalation vulnerability in Google Nexus Broadcom Wi-Fi Driver

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

9.3
2017-02-08 CVE-2017-0429 Google
Linux
Out-of-bounds Write vulnerability in multiple products

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

9.3
2017-02-08 CVE-2017-0428 Google
Linux
Use After Free vulnerability in multiple products

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

9.3
2017-02-08 CVE-2017-0427 Google
Linux
Privilege Escalation vulnerability in Google Nexus Kernel File System

An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel.

9.3
2017-02-08 CVE-2017-0419 Google Privilege Escalation vulnerability in Google Android Audioserver

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process.

9.3
2017-02-08 CVE-2017-0418 Google Out-of-bounds Write vulnerability in Google Android

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process.

9.3
2017-02-08 CVE-2017-0417 Google Out-of-bounds Write vulnerability in Google Android

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process.

9.3
2017-02-08 CVE-2017-0416 Google Out-of-bounds Write vulnerability in Google Android

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process.

9.3
2017-02-08 CVE-2017-0415 Google Privilege Escalation vulnerability in Google Android Mediaserver

An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process.

9.3
2017-02-08 CVE-2017-0412 Google Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 7.0/7.1.0/7.1.1

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process.

9.3
2017-02-08 CVE-2017-0411 Google Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 7.0/7.1.0/7.1.1

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process.

9.3
2017-02-08 CVE-2017-0410 Google Integer Overflow or Wraparound vulnerability in Google Android

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process.

9.3
2017-02-08 CVE-2017-0407 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.

9.3
2017-02-08 CVE-2017-0406 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.

9.3
2017-02-08 CVE-2017-0405 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 7.0/7.1.0/7.1.1

A remote code execution vulnerability in Surfaceflinger could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.

9.3
2017-02-07 CVE-2016-1894 Netapp Improper Access Control vulnerability in Netapp Oncommand Workflow Automation 2.2.1/3.0

NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors.

9.3
2017-02-07 CVE-2015-7599 Windriver Integer Overflow or Wraparound vulnerability in Windriver Vxworks

Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password.

9.3

63 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-02-09 CVE-2017-3807 Cisco Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow.

8.0
2017-02-09 CVE-2016-6173 Nlnetlabs Resource Management Errors vulnerability in Nlnetlabs NSD

NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.

7.8
2017-02-08 CVE-2017-0422 Google Improper Input Validation vulnerability in Google Android

A denial of service vulnerability in Bionic DNS could enable a remote attacker to use a specially crafted network packet to cause a device hang or reboot.

7.8
2017-02-06 CVE-2016-7448 Graphicsmagick
Debian
Opensuse
Resource Management Errors vulnerability in multiple products

The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.

7.8
2017-02-08 CVE-2017-0449 Google
Linux
Privilege Escalation vulnerability in Google Nexus Broadcom Wi-Fi Driver

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0447 Google
Linux
Privilege Escalation vulnerability in Google Pixel/Pixel XL HTC touchscreen Driver

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0446 Google
Linux
Privilege Escalation vulnerability in Google Pixel/Pixel XL HTC touchscreen Driver

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0445 Google
Linux
Privilege Escalation vulnerability in Google Pixel/Pixel XL HTC touchscreen Driver

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0444 Google
Linux
Privilege Escalation vulnerability in Google Nexus Realtek Sound Driver

An elevation of privilege vulnerability in the Realtek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0443 Google
Linux
Privilege Escalation vulnerability in Google Nexus/ Pixel Products Qualcomm Wi-Fi Driver

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0442 Google
Linux
Classic Buffer Overflow vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0441 Google
Linux
Classic Buffer Overflow vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0440 Google
Linux
Classic Buffer Overflow vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0439 Google
Linux
Classic Buffer Overflow vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0438 Google
Linux
Classic Buffer Overflow vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0437 Google
Linux
Classic Buffer Overflow vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0436 Google
Linux
Privilege Escalation vulnerability in Google Nexus/ Pixel Products Qualcomm Sound Driver

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0435 Google
Linux
Privilege Escalation vulnerability in Google Nexus/ Pixel Products Qualcomm Sound Driver

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2017-0434 Google
Linux
Privilege Escalation vulnerability in Google Android Synaptics Touchscreen Driver

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset.

7.6
2017-02-08 CVE-2017-0433 Google
Linux
Privilege Escalation vulnerability in Google Android Synaptics Touchscreen Driver

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset.

7.6
2017-02-08 CVE-2017-0432 Linux Privilege Escalation vulnerability in Linux Kernel 3.10

An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2016-8481 Google
Linux
Permissions, Privileges, and Access Controls vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2016-8480 Google
Linux
Permissions, Privileges, and Access Controls vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2016-8476 Google
Linux
Permissions, Privileges, and Access Controls vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2016-8421 Google
Linux
Permissions, Privileges, and Access Controls vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2016-8420 Google
Linux
Permissions, Privileges, and Access Controls vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-08 CVE-2016-8419 Google
Linux
Permissions, Privileges, and Access Controls vulnerability in multiple products

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.

7.6
2017-02-10 CVE-2017-5954 Serialize TO JS Project Deserialization of Untrusted Data vulnerability in Serialize-To-Js Project Serialize-To-Js 0.5.0

An issue was discovered in the serialize-to-js package 0.5.0 for Node.js.

7.5
2017-02-10 CVE-2017-5953 VIM Integer Overflow or Wraparound vulnerability in VIM

vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.

7.5
2017-02-09 CVE-2017-5941 Node Serialize Project Deserialization of Untrusted Data vulnerability in Node-Serialize Project Node-Serialize

An issue was discovered in the node-serialize package 0.0.4 for Node.js.

7.5
2017-02-09 CVE-2016-5726 Simplemachines Code Injection vulnerability in Simplemachines Simple Machines Forum 2.1

Packages.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the themechanges array parameter.

7.5
2017-02-09 CVE-2016-3102 Jenkins 7PK - Security Features vulnerability in Jenkins Script Security

The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations.

7.5
2017-02-09 CVE-2016-2148 Busybox
Debian
Canonical
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.

7.5
2017-02-09 CVE-2016-10192 Ffmpeg Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg

Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size.

7.5
2017-02-09 CVE-2016-10191 Ffmpeg Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg

Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches.

7.5
2017-02-09 CVE-2016-10190 Ffmpeg Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg

Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.

7.5
2017-02-09 CVE-2015-6023 Netcommwireless Improper Access Control vulnerability in Netcommwireless Hspa 3G10Wve Firmware 3G10Wvel101S306Etsc01R03

ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote attackers to bypass intended access restrictions via a direct request.

7.5
2017-02-08 CVE-2016-9005 IBM Improper Access Control vulnerability in IBM System Storage Ts3100-Ts3200 Tape Library

IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to the company network, to change a user's password and gain remote access to the system.

7.5
2017-02-08 CVE-2016-8954 IBM Use of Hard-coded Credentials vulnerability in IBM Dashdb Local

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database.

7.5
2017-02-08 CVE-2017-2765 EMC Improper Authentication vulnerability in EMC Isilon Insightiq

EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is affected by an authentication bypass vulnerability that could potentially be exploited by attackers to compromise the affected system.

7.5
2017-02-07 CVE-2016-9639 Saltstack Improper Access Control vulnerability in Saltstack Salt

Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related to caching.

7.5
2017-02-07 CVE-2016-6667 Netapp Unspecified vulnerability in Netapp Oncommand Unified Manager for Clustered Data Ontap 6.3/6.4

NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through 6.4P1 contain a default privileged account, which allows remote attackers to execute arbitrary code via unspecified vectors.

7.5
2017-02-07 CVE-2016-2403 Sensiolabs Improper Authentication vulnerability in Sensiolabs Symfony

Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind.

7.5
2017-02-07 CVE-2016-1502 Netapp Improper Authentication vulnerability in Netapp Snapcenter Server 1.0

NetApp SnapCenter Server 1.0 and 1.0P1 allows remote attackers to partially bypass authentication and then list and delete backups via unspecified vectors.

7.5
2017-02-07 CVE-2016-7400 Exponentcms SQL Injection vulnerability in Exponentcms Exponent CMS

Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id parameter in a showComments expComment controller action.

7.5
2017-02-07 CVE-2016-6199 Gradle Deserialization of Untrusted Data vulnerability in Gradle 2.12

ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to execute arbitrary code via a crafted serialized object.

7.5
2017-02-07 CVE-2016-6175 PHP Gettext Project Code Injection vulnerability in PHP-Gettext Project PHP-Gettext

Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header.

7.5
2017-02-07 CVE-2015-8608 Perl Out-of-bounds Read vulnerability in Perl 5.22

The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument.

7.5
2017-02-06 CVE-2017-5677 Pear PHP Object Injection vulnerability in PEAR HTML_AJAX

PEAR HTML_AJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer.

7.5
2017-02-06 CVE-2016-7447 Graphicsmagick
Debian
Opensuse
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.

7.5
2017-02-06 CVE-2016-7446 Graphicsmagick
Debian
Opensuse
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors.

7.5
2017-02-06 CVE-2017-5879 Exponentcms SQL Injection vulnerability in Exponentcms Exponent CMS 2.4.1

An issue was discovered in Exponent CMS 2.4.1.

7.5
2017-02-06 CVE-2015-2794 Dotnetnuke Permissions, Privileges, and Access Controls vulnerability in Dotnetnuke

The installation wizard in DotNetNuke (DNN) before 7.4.1 allows remote attackers to reinstall the application and gain SuperUser access via a direct request to Install/InstallWizard.aspx.

7.5
2017-02-09 CVE-2017-3813 Cisco Missing Authorization vulnerability in Cisco Anyconnect Secure Mobility Client

A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user.

7.2
2017-02-09 CVE-2017-5634 Norwegian AIR Exposure of Resource to Wrong Sphere vulnerability in Norwegian-Air Norwegian AIR Kiosk

The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows physically proximate attackers to bypass the intended "Please select booking identification" UI step, and obtain administrative privileges and network access on the underlying Windows OS, by accessing a touch-screen print icon to manipulate the print dialog.

7.2
2017-02-07 CVE-2016-2779 Kernel Permissions, Privileges, and Access Controls vulnerability in Kernel Util-Linux 2.24.21

runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

7.2
2017-02-07 CVE-2016-10044 Linux
Google
Permissions, Privileges, and Access Controls vulnerability in Linux Kernel

The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.

7.2
2017-02-07 CVE-2014-9914 Linux
Google
Use After Free vulnerability in Linux Kernel

Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets.

7.2
2017-02-06 CVE-2017-5576 Linux Integer Overflow or Wraparound vulnerability in Linux Kernel

Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call.

7.2
2017-02-06 CVE-2017-5548 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

drivers/net/ieee802154/atusb.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

7.2
2017-02-06 CVE-2017-5547 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

7.2
2017-02-06 CVE-2017-5546 Linux Local Denial of Service vulnerability in Linux Kernel

The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service (duplicate freelist entries and system crash) or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a large value for a random number.

7.2
2017-02-06 CVE-2016-10153 Linux Resource Management Errors vulnerability in Linux Kernel

The crypto scatterlist API in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging reliance on earlier net/ceph/crypto.c code.

7.2

108 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-02-08 CVE-2016-5934 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Storage Manager Fastback

IBM Tivoli Storage Manager FastBack installer could allow a remote attacker to execute arbitrary code on the system.

6.9
2017-02-10 CVE-2016-8713 Gonitro Out-of-bounds Write vulnerability in Gonitro Nitro PDF PRO 10.5.5.9

A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10.5.9.9.

6.8
2017-02-10 CVE-2016-8711 Gonitro Improper Input Validation vulnerability in Gonitro Nitro PDF PRO 10.5.5.9/10.5.9.9

A potential remote code execution vulnerability exists in the PDF parsing functionality of Nitro Pro 10.

6.8
2017-02-10 CVE-2016-8709 Gonitro Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gonitro Nitro PDF PRO 10.5.5.9/10.5.9.9

A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10.

6.8
2017-02-09 CVE-2016-5727 Simplemachines Code Injection vulnerability in Simplemachines Simple Machines Forum 2.1

LogInOut.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via vectors related to variables derived from user input in a foreach loop.

6.8
2017-02-08 CVE-2016-0214 IBM Improper Access Control vulnerability in IBM Bigfix Platform

IBM Tivoli Endpoint Manager could allow a remote attacker to upload arbitrary files.

6.8
2017-02-08 CVE-2017-0409 Google Arbitrary Code Execution vulnerability in Google Android libstagefright

A remote code execution vulnerability in libstagefright could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process.

6.8
2017-02-08 CVE-2017-0408 Google Remote Code Execution vulnerability in Google Android 7.1.1

A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process.

6.8
2017-02-07 CVE-2016-5711 Netapp Security Bypass vulnerability in NetApp Virtual Storage Console for VMware vSphere

NetApp Virtual Storage Console for VMware vSphere before 6.2.1 uses a non-unique certificate, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.

6.8
2017-02-07 CVE-2016-5372 Netapp Cross-Site Request Forgery (CSRF) vulnerability in Netapp Snap Creator Framework

Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.

6.8
2017-02-07 CVE-2016-3180 TOR Browser Launcher Project 7PK - Security Features vulnerability in TOR Browser Launcher Project TOR Browser Launcher 0.2.3

Tor Browser Launcher (aka torbrowser-launcher) before 0.2.4, during the initial run, allows man-in-the-middle attackers to bypass the PGP signature verification and execute arbitrary code via a Trojan horse tar file and a signature file with the valid tarball and signature.

6.8
2017-02-07 CVE-2016-2539 Atutor Cross-Site Request Forgery (CSRF) vulnerability in Atutor

Cross-site request forgery (CSRF) vulnerability in install_modules.php in ATutor before 2.2.2 allows remote attackers to hijack the authentication of users for requests that upload arbitrary files and execute arbitrary PHP code via vectors involving a crafted zip file.

6.8
2017-02-06 CVE-2017-5368 Zoneminder Cross-Site Request Forgery (CSRF) vulnerability in Zoneminder 1.29.0/1.30.0

ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF (Cross Site Request Forgery) which allows a remote attack to make changes to the web application as the current logged in victim.

6.8
2017-02-09 CVE-2016-8494 Fortinet Permissions, Privileges, and Access Controls vulnerability in Fortinet Connect

Insufficient verification of uploaded files allows attackers with webui administrators privileges to perform arbitrary code execution by uploading a new webui theme.

6.5
2017-02-09 CVE-2015-8832 Dotclear Improper Access Control vulnerability in Dotclear

Multiple incomplete blacklist vulnerabilities in inc/core/class.dc.core.php in Dotclear before 2.8.2 allow remote authenticated users with "manage their own media items" and "manage their own entries and comments" permissions to execute arbitrary PHP code by uploading a file with a (1) .pht, (2) .phps, or (3) .phtml extension.

6.5
2017-02-07 CVE-2015-8322 Netapp Arbitrary Code Execution vulnerability in Netapp Data Ontap 8.3/8.3.1

NetApp OnCommand System Manager 8.3.x before 8.3.2 allows remote authenticated users to execute arbitrary code via unspecified vectors.

6.5
2017-02-07 CVE-2016-6104 IBM Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security KEY Lifecycle Manager

IBM Tivoli Key Lifecycle Manager 2.5, and 2.6 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions, which could allow the attacker to execute arbitrary code on the vulnerable system.

6.5
2017-02-12 CVE-2017-3302 Oracle
Mariadb
Debian
Redhat
Use After Free vulnerability in multiple products

Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.

5.0
2017-02-09 CVE-2017-5848 Gstreamer Project
Debian
Redhat
Out-of-bounds Read vulnerability in multiple products

The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.

5.0
2017-02-09 CVE-2017-5847 Gstreamer Project
Debian
Out-of-bounds Read vulnerability in multiple products

The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.

5.0
2017-02-09 CVE-2017-5845 Gstreamer Project Out-of-bounds Read vulnerability in Gstreamer Project Gstreamer

The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding tag.

5.0
2017-02-09 CVE-2017-5843 Gstreamer Project Use After Free vulnerability in Gstreamer Project Gstreamer

Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.

5.0
2017-02-09 CVE-2017-5841 Gstreamer Project Out-of-bounds Read vulnerability in Gstreamer Project Gstreamer

The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving ncdt tags.

5.0
2017-02-09 CVE-2017-5840 Gstreamer Project Out-of-bounds Read vulnerability in Gstreamer Project Gstreamer

The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.

5.0
2017-02-09 CVE-2017-5839 Gstreamer Project Uncontrolled Recursion vulnerability in Gstreamer Project Gstreamer

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX.

5.0
2017-02-09 CVE-2017-5838 Gstreamer Project Out-of-bounds Read vulnerability in Gstreamer Project Gstreamer

The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.

5.0
2017-02-09 CVE-2016-9244 F5 Information Exposure vulnerability in F5 products

A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory.

5.0
2017-02-09 CVE-2016-6171 Knot DNS Project
Knot DNS
Resource Exhaustion vulnerability in Knot-Dns Knot DNS 2.1.1/2.2.0/2.2.1

Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR.

5.0
2017-02-09 CVE-2016-4986 Jenkins Path Traversal vulnerability in Jenkins TAP

Directory traversal vulnerability in the TAP plugin before 1.25 in Jenkins allows remote attackers to read arbitrary files via an unspecified parameter.

5.0
2017-02-09 CVE-2016-2147 Busybox
Debian
Canonical
Integer Overflow or Wraparound vulnerability in multiple products

Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.

5.0
2017-02-09 CVE-2016-10199 Gstreamer Project Out-of-bounds Read vulnerability in Gstreamer Project Gstreamer

The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value.

5.0
2017-02-08 CVE-2016-9686 Puppet Improper Input Validation vulnerability in Puppet Enterprise 2016.4.0/2016.4.2/2016.5.1

The Puppet Communications Protocol (PCP) Broker incorrectly validates message header sizes.

5.0
2017-02-08 CVE-2016-0210 IBM Information Exposure vulnerability in IBM Sterling B2B Integrator 5.1/5.2

IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information.

5.0
2017-02-07 CVE-2016-4341 Netapp Information Exposure vulnerability in Netapp Clustered Data Ontap

NetApp Clustered Data ONTAP before 8.3.2P7 allows remote attackers to obtain SMB share information via unspecified vectors.

5.0
2017-02-07 CVE-2016-3124 Simplesamlphp Information Exposure vulnerability in Simplesamlphp

The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors.

5.0
2017-02-07 CVE-2015-8544 Netapp Information Exposure vulnerability in Netapp Snapdrive 6.2.0.5007/6.2.1.5029/6.3.0.4601

NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors.

5.0
2017-02-07 CVE-2016-7164 Libtorrent Improper Input Validation vulnerability in Libtorrent 1.1

The construct function in puff.cpp in Libtorrent 1.1.0 allows remote torrent trackers to cause a denial of service (segmentation fault and crash) via a crafted GZIP response.

5.0
2017-02-07 CVE-2016-6131 GNU Improper Input Validation vulnerability in GNU Libiberty

The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.

5.0
2017-02-07 CVE-2016-1504 Dhcpcd Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dhcpcd Project Dhcpcd

dhcpcd before 6.10.0 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to the option length.

5.0
2017-02-06 CVE-2016-9772 Openafs Information Exposure vulnerability in Openafs

OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses.

5.0
2017-02-06 CVE-2016-7800 Graphicsmagick
Opensuse
Debian
Integer Underflow (Wrap or Wraparound) vulnerability in multiple products

Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.

5.0
2017-02-06 CVE-2016-7449 Graphicsmagick
Debian
Opensuse
Out-of-bounds Read vulnerability in multiple products

The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.

5.0
2017-02-06 CVE-2017-5577 Linux 7PK - Errors vulnerability in Linux Kernel

The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call.

4.9
2017-02-06 CVE-2017-2596 Linux Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel

The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.

4.9
2017-02-06 CVE-2016-10208 Linux Out-of-bounds Read vulnerability in Linux Kernel

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.

4.9
2017-02-06 CVE-2016-10154 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel 4.9

The smbhash function in fs/cifs/smbencrypt.c in the Linux kernel 4.9.x before 4.9.1 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a scatterlist.

4.9
2017-02-06 CVE-2010-5328 Linux Improper Input Validation vulnerability in Linux Kernel

include/linux/init_task.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of service (system crash) by leveraging access to this process group.

4.9
2017-02-09 CVE-2017-5940 Firejail Project Improper Privilege Management vulnerability in Firejail Project Firejail

Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.

4.6
2017-02-09 CVE-2017-5180 Firejail Project Missing Authorization vulnerability in Firejail Project Firejail

Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.

4.6
2017-02-06 CVE-2017-2583 Linux Privilege Escalation vulnerability in Linux Kernel

The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.

4.6
2017-02-07 CVE-2016-3063 Netapp Improper Encoding or Escaping of Output vulnerability in Netapp Oncommand System Manager 2.0.2/2.1/2.2

Multiple functions in NetApp OnCommand System Manager before 8.3.2 do not properly escape special characters, which allows remote authenticated users to execute arbitrary API calls via unspecified vectors.

4.4
2017-02-12 CVE-2017-5964 Emoncms
Openenergymonitor
Cross-site Scripting vulnerability in Openenergymonitor Emoncms

An issue was discovered in Emoncms through 9.8.0.

4.3
2017-02-12 CVE-2017-5963 Caddy Project Cross-site Scripting vulnerability in Caddy Project Caddy

An issue was discovered in caddy (for TYPO3) before 7.2.10.

4.3
2017-02-12 CVE-2017-5962 Netresearch Cross-site Scripting vulnerability in Netresearch Contexts Wurfl

An issue was discovered in contexts_wurfl (for TYPO3) before 0.4.2.

4.3
2017-02-12 CVE-2017-5961 Ionizecms Cross-site Scripting vulnerability in Ionizecms Ionize

An issue was discovered in ionize through 1.0.8.

4.3
2017-02-12 CVE-2017-5960 Phalconeye Project Cross-site Scripting vulnerability in Phalconeye Project Phalconeye 0.4.0/0.4.1

An issue was discovered in Phalcon Eye through 0.4.1.

4.3
2017-02-10 CVE-2017-5945 Poodll Cross-site Scripting vulnerability in Poodll Moodle-Filter Poodll

An issue was discovered in the PoodLL Filter plugin through 3.0.20 for Moodle.

4.3
2017-02-10 CVE-2017-5942 WP Mail Project Cross-site Scripting vulnerability in WP Mail Project WP Mail 1.1

An issue was discovered in the WP Mail plugin before 1.2 for WordPress.

4.3
2017-02-10 CVE-2016-10216 Sivann Cross-site Scripting vulnerability in Sivann IT Items Database

An issue was discovered in IT ITems DataBase (ITDB) through 1.23.

4.3
2017-02-10 CVE-2016-10215 Fastspot Cross-site Scripting vulnerability in Fastspot Bigtree-Form-Builder

An issue was discovered in Fastspot BigTree bigtree-form-builder before 1.2.

4.3
2017-02-09 CVE-2017-5858 Conversejs Improper Input Validation vulnerability in Conversejs Converse.Js

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.

4.3
2017-02-09 CVE-2017-5606 Xabber Improper Input Validation vulnerability in Xabber

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.

4.3
2017-02-09 CVE-2017-5605 Movim Improper Input Validation vulnerability in Movim

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.

4.3
2017-02-09 CVE-2017-5604 Mcabber Improper Input Validation vulnerability in Mcabber

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.

4.3
2017-02-09 CVE-2017-5603 Jitsi Improper Input Validation vulnerability in Jitsi 2.5.5061/2.9.5544

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.

4.3
2017-02-09 CVE-2017-5602 Jappix Project Improper Input Validation vulnerability in Jappix Project Jappix

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.

4.3
2017-02-09 CVE-2017-5593 PSI Plus Improper Input Validation vulnerability in Psi-Plus Psi+ 0.16.563.580/0.16.571.627

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.

4.3
2017-02-09 CVE-2017-5592 Profanity Project Improper Input Validation vulnerability in Profanity Project Profanity 0.4.7/0.5.0

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.

4.3
2017-02-09 CVE-2017-5591 Sleekxmpp Project
Slixmpp Project
Poezio
Improper Input Validation vulnerability in multiple products

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.

4.3
2017-02-09 CVE-2017-5590 Chatsecure
ZOM
Improper Input Validation vulnerability in multiple products

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.

4.3
2017-02-09 CVE-2017-5589 Yaxim Improper Input Validation vulnerability in Yaxim Bruno and Yaxim

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.

4.3
2017-02-09 CVE-2017-5846 Gstreamer Project Out-of-bounds Read vulnerability in Gstreamer Project Gstreamer

The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors related to the number of languages in a video file.

4.3
2017-02-09 CVE-2017-5844 Gstreamer Project Divide By Zero vulnerability in Gstreamer Project Gstreamer

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.

4.3
2017-02-09 CVE-2017-5842 Gstreamer Project Out-of-bounds Write vulnerability in Gstreamer Project Gstreamer

The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated by OneNote_Manager.smi.

4.3
2017-02-09 CVE-2017-5837 Gstreamer Project Divide By Zero vulnerability in Gstreamer Project Gstreamer

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.

4.3
2017-02-09 CVE-2016-4988 Jenkins Cross-site Scripting vulnerability in Jenkins Build Failure Analyzer

Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.16.0 in Jenkins allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.

4.3
2017-02-09 CVE-2016-10198 Gstreamer Project Out-of-bounds Read vulnerability in Gstreamer Project Gstreamer

The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.

4.3
2017-02-09 CVE-2015-8936 Squidguard Cross-site Scripting vulnerability in Squidguard

Cross-site scripting (XSS) vulnerability in squidGuard.cgi in squidGuard before 1.5 allows remote attackers to inject arbitrary web script or HTML via a blocked site link.

4.3
2017-02-09 CVE-2015-8831 Dotclear Cross-site Scripting vulnerability in Dotclear

Cross-site scripting (XSS) vulnerability in admin/comments.php in Dotclear before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the author name in a comment.

4.3
2017-02-08 CVE-2016-5902 IBM Cross-site Scripting vulnerability in IBM products

IBM Maximo Asset Management is vulnerable to cross-site scripting.

4.3
2017-02-08 CVE-2016-5900 IBM Information Exposure vulnerability in IBM Tealeaf Customer Experience ON Cloud Network Capture Add-On 16.1.01

IBM Tealeaf Customer Experience on Cloud Network Capture Add-On could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the TLS certificate.

4.3
2017-02-08 CVE-2017-5933 Citrix Information Exposure vulnerability in Citrix Netscaler Application Delivery Controller Firmware

Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for remote attackers to obtain the GCM authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270.

4.3
2017-02-08 CVE-2016-8492 Fortinet Information Exposure vulnerability in Fortinet Fortios

The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption.

4.3
2017-02-08 CVE-2016-10213 A10Networks Information Exposure vulnerability in A10Networks Advanced Core Operating System

A10 AX1030 and possibly other devices with software before 2.7.2-P8 uses random GCM nonce generations, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270.

4.3
2017-02-08 CVE-2016-10212 Radware Information Exposure vulnerability in Radware Alteon 30.0.5.10/30.2.1.1

Radware devices use the same value for the first two GCM nonces, which allows remote attackers to obtain the authentication key and spoof data via a "forbidden attack," a similar issue to CVE-2016-0270.

4.3
2017-02-08 CVE-2016-0270 IBM Information Exposure vulnerability in IBM Client Application Access, Domino and Notes

IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack." NOTE: this CVE has been incorrectly used for GCM nonce reuse issues in other products; see CVE-2016-10213 for the A10 issue, CVE-2016-10212 for the Radware issue, and CVE-2017-5933 for the Citrix issue.

4.3
2017-02-08 CVE-2017-0448 Google
Linux
Information Exposure vulnerability in multiple products

An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels.

4.3
2017-02-08 CVE-2017-0426 Google Information Exposure vulnerability in Google Android 7.0/7.1.0/7.1.1

An information disclosure vulnerability in the Filesystem could enable a local malicious application to access data outside of its permission levels.

4.3
2017-02-08 CVE-2017-0425 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels.

4.3
2017-02-08 CVE-2017-0424 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels.

4.3
2017-02-08 CVE-2017-0421 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Framework APIs could enable a local malicious application to bypass operating system protections that isolate application data from other applications.

4.3
2017-02-08 CVE-2017-0420 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in AOSP Mail could enable a local malicious application to bypass operating system protections that isolate application data from other applications.

4.3
2017-02-08 CVE-2017-0414 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in AOSP Messaging could enable a local malicious application to bypass operating system protections that isolate application data from other applications.

4.3
2017-02-08 CVE-2017-0413 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in AOSP Messaging could enable a local malicious application to bypass operating system protections that isolate application data from other applications.

4.3
2017-02-07 CVE-2016-6495 Netapp Information Exposure vulnerability in Netapp Data Ontap

NetApp Data ONTAP before 8.2.4P5, when operating in 7-Mode, allows remote attackers to obtain information about the volumes configured for HTTP access.

4.3
2017-02-07 CVE-2016-6096 IBM Cross-site Scripting vulnerability in IBM products

IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 is vulnerable to cross-site scripting.

4.3
2017-02-07 CVE-2016-3020 IBM Improper Access Control vulnerability in IBM products

IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation.

4.3
2017-02-06 CVE-2017-5367 Zoneminder Cross-site Scripting vulnerability in Zoneminder 1.29.0/1.30.0

Multiple reflected XSS vulnerabilities exist within form and link input parameters of ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, which allows a remote attacker to execute malicious scripts within an authenticated client's browser.

4.3
2017-02-06 CVE-2016-9532 Libtiff
Debian
Out-of-bounds Read vulnerability in multiple products

Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tif file.

4.3
2017-02-06 CVE-2016-5102 Libtiff Improper Input Validation vulnerability in Libtiff

Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file.

4.3
2017-02-06 CVE-2017-5877 Dotcms Cross-site Scripting vulnerability in Dotcms 3.7.0

XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack against the /about-us/locations/index direction parameter.

4.3
2017-02-06 CVE-2017-5876 Dotcms Cross-site Scripting vulnerability in Dotcms 3.7.0

XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack against the /news-events/events date parameter.

4.3
2017-02-09 CVE-2016-4987 Jenkins Path Traversal vulnerability in Jenkins Image Gallery

Directory traversal vulnerability in the Image Gallery plugin before 1.4 in Jenkins allows remote attackers to list arbitrary directories and read arbitrary files via unspecified form fields.

4.0
2017-02-08 CVE-2016-0308 IBM Improper Access Control vulnerability in IBM Connections

IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images.

4.0
2017-02-08 CVE-2016-0307 IBM Information Exposure vulnerability in IBM Connections

IBM Connections 5.5 and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned responses.

4.0
2017-02-08 CVE-2016-9748 IBM Information Exposure vulnerability in IBM products

IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system.

4.0
2017-02-08 CVE-2016-2866 IBM Information Exposure vulnerability in IBM Rational Collaborative Lifecycle Management

An unspecified vulnerability in IBM Jazz Team Server may disclose some deployment information to an authenticated user.

4.0
2017-02-07 CVE-2016-6094 IBM Information Exposure vulnerability in IBM products

IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 generates an error message that includes sensitive information about its environment, users, or associated data.

4.0

27 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2017-02-06 CVE-2017-5551 Linux Local Denial of Service vulnerability in Linux Kernel

The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.

3.6
2017-02-09 CVE-2016-3101 Jenkins Cross-site Scripting vulnerability in Jenkins Extra Columns

Cross-site scripting (XSS) vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter.

3.5
2017-02-08 CVE-2016-0310 IBM Cross-site Scripting vulnerability in IBM Connections

IBM Connections 5.5 and earlier is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain.

3.5
2017-02-08 CVE-2016-0305 IBM Cross-site Scripting vulnerability in IBM Connections

IBM Connections is vulnerable to cross-site scripting, caused by improper validation of user-supplied input.

3.5
2017-02-08 CVE-2017-1128 IBM Cross-site Scripting vulnerability in IBM products

IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.

3.5
2017-02-08 CVE-2017-1127 IBM Cross-site Scripting vulnerability in IBM products

IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.

3.5
2017-02-08 CVE-2016-6032 IBM Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management

IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.

3.5
2017-02-06 CVE-2017-5875 Dotcms Cross-site Scripting vulnerability in Dotcms 3.7.0

XSS was discovered in dotCMS 3.7.0, with an authenticated attack against the /myAccount addressID parameter.

3.5
2017-02-08 CVE-2017-0423 Google Incorrect Permission Assignment for Critical Resource vulnerability in Google Android

An elevation of privilege vulnerability in Bluetooth could enable a proximate attacker to manage access to documents on the device.

2.9
2017-02-08 CVE-2017-0451 Google
Linux
Information Exposure vulnerability in multiple products

An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels.

2.6
2017-02-08 CVE-2016-8414 Google
Linux
Information Exposure vulnerability in multiple products

An information disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator could enable a local malicious application to access data outside of its permission levels.

2.6
2017-02-08 CVE-2016-0206 IBM Improper Input Validation vulnerability in IBM Cloud Orchestrator

IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL.

2.1
2017-02-08 CVE-2016-0203 IBM Information Exposure vulnerability in IBM Cloud Orchestrator and Smartcloud Orchestrator

A vulnerability has been identified in the IBM Cloud Orchestrator task API.

2.1
2017-02-08 CVE-2016-0202 IBM Information Exposure vulnerability in IBM Cloud Orchestrator

A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator.

2.1
2017-02-08 CVE-2015-7418 IBM Information Exposure vulnerability in IBM Websphere Extreme Scale

IBM WebSphere eXtreme Scale and the WebSphere DataPower XC10 Appliance allow some sensitive data to linger in memory instead of being overwritten which could allow a local user with administrator privileges to obtain sensitive information.

2.1
2017-02-08 CVE-2015-1976 IBM Improper Access Control vulnerability in IBM Security Directory Server and Tivoli Directory Server

IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash.

2.1
2017-02-08 CVE-2015-5013 IBM Information Exposure vulnerability in IBM products

The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated users can access.

2.1
2017-02-07 CVE-2016-6097 IBM Information Exposure vulnerability in IBM products

IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 allows web pages to be stored locally which can be read by another user on the system.

2.1
2017-02-07 CVE-2016-6092 IBM Information Exposure vulnerability in IBM products

IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 stores user credentials in plain in clear text which can be read by a local user.

2.1
2017-02-07 CVE-2016-2781 GNU Improper Input Validation vulnerability in GNU Coreutils

chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

2.1
2017-02-07 CVE-2015-5677 Freebsd Information Exposure vulnerability in Freebsd 10.1/10.2/9.3

bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config file, which allows local users to obtain the secret key for USM authentication by reading the file.

2.1
2017-02-06 CVE-2017-5595 Zoneminder Information Exposure vulnerability in Zoneminder

A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile(), which allows an authenticated attacker to read local system files (e.g., /etc/passwd) in the context of the web server user (www-data).

2.1
2017-02-06 CVE-2017-5550 Linux Information Exposure vulnerability in Linux Kernel

Off-by-one error in the pipe_advance function in lib/iov_iter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release decision.

2.1
2017-02-06 CVE-2017-5549 Linux Information Exposure Through Log Files vulnerability in Linux Kernel

The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel before 4.9.5 places uninitialized heap-memory contents into a log entry upon a failure to read the line status, which allows local users to obtain sensitive information by reading the log.

2.1
2017-02-08 CVE-2016-5918 IBM
Microsoft
Information Exposure vulnerability in IBM Tivoli Storage Manager FOR Space Management

IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed.

1.9
2017-02-08 CVE-2015-7493 IBM Information Exposure vulnerability in IBM Infosphere Information Server

IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could expose sensitive information.

1.9
2017-02-08 CVE-2015-7494 IBM Improper Access Control vulnerability in IBM Cloud Orchestrator and Smartcloud Orchestrator

A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API.

1.7