7-zip — 7zip |
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file. |
2016-06-07 |
6.8 |
CVE-2016-2335 MISC SUSE |
apache — struts |
Apache Struts 2.0.0 through 2.3.24.1 does not properly cache method references when used with OGNL before 3.0.12, which allows remote attackers to cause a denial of service (block access to a web site) via unspecified vectors. |
2016-06-07 |
5.0 |
CVE-2016-3093 SECTRACK CONFIRM |
apache — shiro |
Apache Shiro before 1.2.5, when a cipher key has not been configured for the “remember me” feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter. |
2016-06-07 |
6.8 |
CVE-2016-4437 BUGTRAQ MISC |
cisco — prime_network_analysis_module_software |
Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21889. |
2016-06-03 |
6.5 |
CVE-2016-1391 CISCO |
cisco — email_security_appliance |
libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug ID CSCuv78533. |
2016-06-08 |
5.0 |
CVE-2016-1405 MISC CISCO |
cisco — aironet_access_point_software |
Cisco Access Point devices with software 8.2(102.43) allow remote attackers to cause a denial of service (device reload) via crafted ARP packets, aka Bug ID CSCuy55803. |
2016-06-09 |
6.8 |
CVE-2016-1419 CISCO |
cisco — ip_phone_8800_series_firmware |
The web application on Cisco IP 8800 devices allows remote attackers to cause a denial of service (out-of-bounds memory access and web-server outage) via a crafted request, aka Bug ID CSCuz03034. |
2016-06-09 |
5.0 |
CVE-2016-1421 CISCO |
emc — isilon_onefs |
EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges. |
2016-06-03 |
6.8 |
CVE-2016-0908 BUGTRAQ |
emc — data_domain_os |
EMC Data Domain OS 5.5 before 5.5.4.0, 5.6 before 5.6.1.004, and 5.7 before 5.7.2.0 stores session identifiers of GUI users in a world-readable file, which allows local users to hijack arbitrary accounts via unspecified vectors. |
2016-06-09 |
4.3 |
CVE-2016-0910 BUGTRAQ |
epoch — web_mailing_list |
Cross-site scripting (XSS) vulnerability in Epoch Web Mailing List 0.31 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
2016-06-04 |
4.3 |
CVE-2016-1211 CONFIRM JVNDB JVN |
f5 — big-ip_access_policy_manager |
Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, allow remote attackers to cause a denial of service (resource consumption and Traffic Management Microkernel restart) via an SSL alert during the handshake. |
2016-06-07 |
5.0 |
CVE-2016-4545 CONFIRM SECTRACK |
freetype — freetype |
The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font. |
2016-06-07 |
5.0 |
CVE-2014-9747 MISC MLIST MLIST DEBIAN CONFIRM |
futomi — mp_form_mail_cgi |
Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors. |
2016-06-04 |
4.0 |
CVE-2016-1212 CONFIRM JVNDB JVN |
gnu — glibc |
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458. |
2016-06-10 |
5.0 |
CVE-2016-3706 CONFIRM CONFIRM SUSE |
google — chrome |
The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypass the Same Origin Policy via unspecified vectors. |
2016-06-05 |
6.8 |
CVE-2016-1672 CONFIRM CONFIRM CONFIRM |
google — chrome |
Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. |
2016-06-05 |
6.8 |
CVE-2016-1673 CONFIRM CONFIRM |
google — chrome |
The extensions subsystem in Google Chrome before 51.0.2704.63 allows remote attackers to bypass the Same Origin Policy via unspecified vectors. |
2016-06-05 |
6.8 |
CVE-2016-1674 CONFIRM CONFIRM |
google — chrome |
Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp. |
2016-06-05 |
6.8 |
CVE-2016-1675 CONFIRM CONFIRM CONFIRM |
google — chrome |
extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.63 does not properly use prototypes, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. |
2016-06-05 |
6.8 |
CVE-2016-1676 CONFIRM CONFIRM CONFIRM |
google — chrome |
uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging “type confusion.” |
2016-06-05 |
4.3 |
CVE-2016-1677 CONFIRM CONFIRM CONFIRM |
google — chrome |
objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code. |
2016-06-05 |
6.8 |
CVE-2016-1678 CONFIRM CONFIRM CONFIRM |
google — chrome |
The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code. |
2016-06-05 |
6.8 |
CVE-2016-1679 CONFIRM CONFIRM CONFIRM |
google — chrome |
Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors. |
2016-06-05 |
6.8 |
CVE-2016-1680 CONFIRM CONFIRM CONFIRM |
google — chrome |
Heap-based buffer overflow in the opj_j2k_read_SPCod_SPCoc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. |
2016-06-05 |
6.8 |
CVE-2016-1681 CONFIRM CONFIRM CONFIRM |
google — chrome |
The ServiceWorkerContainer::registerServiceWorkerImpl function in WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp in Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a ServiceWorker registration. |
2016-06-05 |
4.3 |
CVE-2016-1682 CONFIRM CONFIRM CONFIRM |
google — chrome |
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document. |
2016-06-05 |
5.1 |
CVE-2016-1683 CONFIRM CONFIRM CONFIRM CONFIRM |
google — chrome |
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document. |
2016-06-05 |
5.1 |
CVE-2016-1684 CONFIRM CONFIRM CONFIRM CONFIRM |
google — chrome |
core/fxge/ge/fx_ge_text.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. |
2016-06-05 |
4.3 |
CVE-2016-1685 CONFIRM CONFIRM CONFIRM |
google — chrome |
The CPDF_DIBSource::CreateDecoder function in core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, mishandles decoder-initialization failure, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. |
2016-06-05 |
4.3 |
CVE-2016-1686 CONFIRM CONFIRM CONFIRM |
google — chrome |
The renderer implementation in Google Chrome before 51.0.2704.63 does not properly restrict public exposure of classes, which allows remote attackers to obtain sensitive information via vectors related to extensions. |
2016-06-05 |
4.3 |
CVE-2016-1687 CONFIRM CONFIRM CONFIRM CONFIRM |
google — chrome |
The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted JavaScript code. |
2016-06-05 |
4.3 |
CVE-2016-1688 CONFIRM CONFIRM CONFIRM |
google — chrome |
Heap-based buffer overflow in content/renderer/media/canvas_capture_handler.cc in Google Chrome before 51.0.2704.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site. |
2016-06-05 |
4.3 |
CVE-2016-1689 CONFIRM CONFIRM CONFIRM |
google — chrome |
The Autofill implementation in Google Chrome before 51.0.2704.63 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1701. |
2016-06-05 |
5.1 |
CVE-2016-1690 CONFIRM CONFIRM CONFIRM |
google — chrome |
Skia, as used in Google Chrome before 51.0.2704.63, mishandles coincidence runs, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted curves, related to SkOpCoincidence.cpp and SkPathOpsCommon.cpp. |
2016-06-05 |
5.1 |
CVE-2016-1691 CONFIRM CONFIRM CONFIRM |
google — chrome |
WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. |
2016-06-05 |
4.3 |
CVE-2016-1692 CONFIRM CONFIRM CONFIRM |
google — chrome |
browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP pins during cache clearing, which makes it easier for remote attackers to spoof web sites via a valid certificate from an arbitrary recognized Certification Authority. |
2016-06-05 |
4.3 |
CVE-2016-1694 CONFIRM CONFIRM CONFIRM |
google — chrome |
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. |
2016-06-05 |
6.8 |
CVE-2016-1695 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
google — chrome |
The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. |
2016-06-05 |
6.8 |
CVE-2016-1696 CONFIRM CONFIRM CONFIRM |
google — chrome |
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. |
2016-06-05 |
6.8 |
CVE-2016-1697 CONFIRM CONFIRM CONFIRM |
google — chrome |
The createCustomType function in extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.79 does not validate module types, which might allow attackers to load arbitrary modules or obtain sensitive information by leveraging a poisoned definition. |
2016-06-05 |
4.3 |
CVE-2016-1698 CONFIRM CONFIRM CONFIRM |
google — chrome |
WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 51.0.2704.79, does not ensure that the remoteFrontendUrl parameter is associated with a chrome-devtools-frontend.appspot.com URL, which allows remote attackers to bypass intended access restrictions via a crafted URL. |
2016-06-05 |
4.3 |
CVE-2016-1699 CONFIRM CONFIRM CONFIRM |
google — chrome |
extensions/renderer/runtime_custom_bindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to extensions. |
2016-06-05 |
5.1 |
CVE-2016-1700 CONFIRM CONFIRM CONFIRM |
google — chrome |
The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690. |
2016-06-05 |
6.8 |
CVE-2016-1701 CONFIRM CONFIRM CONFIRM |
google — chrome |
The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data. |
2016-06-05 |
4.3 |
CVE-2016-1702 CONFIRM CONFIRM CONFIRM |
google — chrome |
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. |
2016-06-05 |
6.8 |
CVE-2016-1703 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
hp — systems_insight_manager |
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, and CVE-2016-2030. |
2016-06-08 |
5.5 |
CVE-2016-2017 CONFIRM |
hp — systems_insight_manager |
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors. |
2016-06-08 |
6.4 |
CVE-2016-2018 CONFIRM |
hp — systems_insight_manager |
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and CVE-2016-2030. |
2016-06-08 |
4.7 |
CVE-2016-2022 CONFIRM |
hp — matrix_operating_environment |
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2027. |
2016-06-08 |
5.0 |
CVE-2016-2026 CONFIRM |
hp — matrix_operating_environment |
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2026. |
2016-06-08 |
5.0 |
CVE-2016-2027 CONFIRM |
hp — matrix_operating_environment |
HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4357. |
2016-06-08 |
5.5 |
CVE-2016-2028 CONFIRM |
hp — matrix_operating_environment |
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4358. |
2016-06-08 |
6.4 |
CVE-2016-2029 CONFIRM |
hp — systems_insight_manager |
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and CVE-2016-2022. |
2016-06-08 |
5.5 |
CVE-2016-2030 CONFIRM |
hp — matrix_operating_environment |
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029. |
2016-06-08 |
4.8 |
CVE-2016-4358 CONFIRM |
hp — loadrunner |
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to modify data or cause a denial of service via unspecified vectors, aka ZDI-CAN-3555. |
2016-06-08 |
6.4 |
CVE-2016-4360 CONFIRM |
hp — loadrunner |
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors. |
2016-06-08 |
5.0 |
CVE-2016-4361 CONFIRM |
hp — insight_control_server_deployment |
HPE Insight Control server deployment allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. |
2016-06-08 |
5.5 |
CVE-2016-4362 CONFIRM |
hp — insight_control_server_deployment |
HPE Insight Control server deployment allows remote attackers to modify data via unspecified vectors. |
2016-06-08 |
4.3 |
CVE-2016-4363 CONFIRM |
hp — insight_control_server_deployment |
HPE Insight Control server deployment allows remote attackers to obtain sensitive information via unspecified vectors. |
2016-06-08 |
5.0 |
CVE-2016-4365 CONFIRM |
hp — universal_cmbd_foundation |
The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors. |
2016-06-08 |
5.0 |
CVE-2016-4367 CONFIRM |
hp — discovery_and_dependency_mapping_inventory |
HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. |
2016-06-08 |
6.5 |
CVE-2016-4369 CONFIRM |
hp — project_and_portfolio_management_center |
HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before 9.32.0002 allows remote authenticated users to execute arbitrary commands or obtain sensitive information via unspecified vectors. |
2016-06-09 |
6.5 |
CVE-2016-4370 CONFIRM |
ibm — java_sdk |
The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods. |
2016-06-06 |
6.4 |
CVE-2015-5041 CONFIRM AIXAPAR SUSE SUSE SUSE SUSE |
ibm — java_sdk |
The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009. |
2016-06-03 |
6.8 |
CVE-2016-0363 MISC CONFIRM AIXAPAR FULLDISC FULLDISC REDHAT REDHAT SUSE SUSE SUSE SUSE SUSE |
ibm — java_sdk |
The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class, which implements the javax.rmi.CORBA.ValueHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-5456. |
2016-06-03 |
5.1 |
CVE-2016-0376 BUGTRAQ MISC CONFIRM AIXAPAR FULLDISC REDHAT REDHAT SUSE SUSE SUSE SUSE SUSE |
idera — uptime_infrastructure_monitor |
The up.time agent in Idera Uptime Infrastructure Monitor 7.5 and 7.6 on Linux allows remote attackers to read arbitrary files via unspecified vectors. |
2016-06-09 |
5.0 |
CVE-2015-8268 CERT-VN CONFIRM CONFIRM |
imagemagick — imagemagick |
The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. |
2016-06-04 |
6.8 |
CVE-2016-4562 CONFIRM CONFIRM |
imagemagick — imagemagick |
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. |
2016-06-04 |
6.8 |
CVE-2016-4563 CONFIRM CONFIRM |
katello — katello |
Multiple SQL injection vulnerabilities in the scoped_search function in app/controllers/katello/api/v2/api_controller.rb in Katello allow remote authenticated users to execute arbitrary SQL commands via the (1) sort_by or (2) sort_order parameter. |
2016-06-07 |
6.5 |
CVE-2016-3072 CONFIRM CONFIRM REDHAT |
kmc_controls — bac-5051e_firmware |
Cross-site request forgery (CSRF) vulnerability on KMC Controls BAC-5051E devices with firmware before E0.2.0.2 allows remote attackers to hijack the authentication of unspecified victims for requests that disclose the contents of a configuration file. |
2016-06-09 |
6.8 |
CVE-2016-4494 MISC |
kobe-beauty — php-contact-form |
Cross-site scripting (XSS) vulnerability in Kobe Beauty php-contact-form before 2016-05-18 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. |
2016-06-04 |
4.3 |
CVE-2016-1222 CONFIRM CONFIRM JVNDB JVN |
markdown_on_saved_improved_project — markdown_on_saved_improved |
Cross-site scripting (XSS) vulnerability in the Markdown on Save Improved plugin before 2.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
2016-06-04 |
4.3 |
CVE-2016-4812 CONFIRM JVNDB JVN |
nginx — nginx |
os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a crafted request, involving writing a client request body to a temporary file. |
2016-06-07 |
5.0 |
CVE-2016-4450 UBUNTU SECTRACK DEBIAN MLIST |
ntt — webarena_service_formmail |
Cross-site scripting (XSS) vulnerability in NTT PC Communications WebARENA Service formmail before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
2016-06-04 |
4.3 |
CVE-2016-1230 CONFIRM CONFIRM CONFIRM JVNDB JVN |
python — python |
The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate. |
2016-06-07 |
4.3 |
CVE-2013-7440 CONFIRM CONFIRM CONFIRM REDHAT MLIST MLIST |
redhat — gluster_storage_management_console |
The Red Hat gluster-swift package, as used in Red Hat Gluster Storage (formerly Red Hat Storage Server), allows remote authenticated users to bypass the max_meta_count constraint via multiple crafted requests which exceed the limit when combined. |
2016-06-07 |
4.0 |
CVE-2014-8177 CONFIRM MLIST REDHAT REDHAT |
redhat — openshift |
Red Hat OpenShift Enterprise 3.2 allows remote authenticated users to read log files from another namespace by using the same name as a previously deleted namespace when creating a new namespace. |
2016-06-08 |
4.0 |
CVE-2016-2149 REDHAT |
redhat — openshift |
Red Hat OpenShift Enterprise 3.2, when multi-tenant SDN is enabled and a build is run in a namespace that would normally be isolated from pods in other namespaces, allows remote authenticated users to access network resources on restricted pods via an s2i build with a builder image that (1) contains ONBUILD commands or (2) does not contain a tar binary. |
2016-06-08 |
5.5 |
CVE-2016-3708 REDHAT |
redhat — openshift |
Red Hat OpenShift Enterprise 3.2 does not properly restrict access to STI builds, which allows remote authenticated users to access the Docker socket and gain privileges via vectors related to build-pod. |
2016-06-08 |
6.5 |
CVE-2016-3738 REDHAT |
symantec — critical_system_protection |
SQL injection vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. |
2016-06-08 |
6.5 |
CVE-2015-8157 CONFIRM BID |
symantec — critical_system_protection |
Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allow remote authenticated users to conduct argument-injection attacks by leveraging certain named-pipe access. |
2016-06-08 |
4.9 |
CVE-2015-8800 CONFIRM BID |
trihedral — vtscada |
The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to bypass authentication and read arbitrary files via unspecified vectors. |
2016-06-09 |
6.4 |
CVE-2016-4510 MISC |
trihedral — vtscada |
The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via unspecified vectors. |
2016-06-09 |
5.0 |
CVE-2016-4523 MISC |
trihedral — vtscada |
Directory traversal vulnerability in the WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to read arbitrary files via a crafted pathname. |
2016-06-09 |
6.4 |
CVE-2016-4532 MISC |
vmware — vcenter_server |
Cross-site scripting (XSS) vulnerability in the Web Client in VMware vCenter Server 5.1 before update 3d, 5.5 before update 3d, and 6.0 before update 2 on Windows allows remote attackers to inject arbitrary web script or HTML via a Flash parameter. |
2016-06-08 |
4.3 |
CVE-2016-2078 CONFIRM |
xen — xen |
The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore. |
2016-06-07 |
6.8 |
CVE-2016-4962 CONFIRM SECTRACK |
xen — xen |
The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them, related to VMID exhaustion. |
2016-06-07 |
4.9 |
CVE-2016-5242 CONFIRM SECTRACK |
xmlsoft — libxml2 |
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName. |
2016-06-09 |
5.0 |
CVE-2016-4447 DEBIAN CONFIRM CONFIRM UBUNTU MLIST |
xmlsoft — libxml2 |
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors. |
2016-06-09 |
5.8 |
CVE-2016-4449 DEBIAN CONFIRM CONFIRM UBUNTU MLIST |