Uncategorized CVEs — 2016 (Page 1/19)

2016-12-29

Medium

CVE-2015-8818

The cpu_physical_memory_write_rom_internal function in exec.c in QEMU (aka Quick Emulator) does not properly skip MMIO regions, which allows local privileged guest users to cause a denial of service…

CVSS: 5.5CWE: N/A

High

CVE-2016-10081

/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action.

CVSS: 7.8CWE: CWE-19

High

CVE-2015-0854

App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action.

CVSS: 7.8CWE: CWE-19

High

CVE-2016-7462

The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a rel…

CVSS: 8.5CWE: CWE-264

Critical

CVE-2016-7457

VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, or halt and remove virtual machines, via unspecified vectors.

CVSS: 10.0CWE: CWE-264

Critical

CVE-2016-7456

VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session.

CVSS: 9.8CWE: CWE-255

High

CVE-2016-7086

The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-2246

HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspe…

CVSS: 7.8CWE: CWE-264

2016-12-28

Medium

CVE-2016-9588

arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception…

CVSS: 5.5CWE: CWE-388

High

CVE-2016-6787

kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka…

CVSS: 7.0CWE: CWE-264

High

CVE-2016-6786

kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka…

CVSS: 7.0CWE: CWE-264

2016-12-27

Medium

CVE-2016-10072

WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary co…

CVSS: 5.3CWE: CWE-264

High

CVE-2016-10031

WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged l…

CVSS: 7.5CWE: CWE-264

2016-12-26

Critical

CVE-2016-9223

A vulnerability in the Docker Engine configuration of Cisco CloudCenter Orchestrator (CCO; formerly CliQr) could allow an unauthenticated, remote attacker to install Docker containers with high privi…

CVSS: 9.8CWE: CWE-264

2016-12-25

High

CVE-2016-10041

An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. Under certain preconditions, it is possible to execute telegram simulation as a non-admin user. As prerequisi…

CVSS: 7.5CWE: CWE-264

2016-12-23

Medium

CVE-2016-2312

Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again.

CVSS: 6.8CWE: CWE-254

Medium

CVE-2016-9561

The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service (allocation of huge memory, and being killed by the OS) via a cr…

CVSS: 5.5CWE: CWE-399

Medium

CVE-2016-7122

The avi_read_nikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure.

CVSS: 5.5CWE: CWE-399

Medium

CVE-2016-6881

The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file.

CVSS: 5.5CWE: CWE-399

2016-12-20

High

CVE-2016-7292

The Installer in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Win…

CVSS: 7.8CWE: CWE-19

Medium

CVE-2016-7281

The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Sec…

CVSS: 5.3CWE: CWE-254

High

CVE-2016-7275

Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loadin…

CVSS: 7.8CWE: CWE-19

High

CVE-2016-7274

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows…

CVSS: 8.8CWE: CWE-19

High

CVE-2016-7273

The Graphics component in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Graphics Remote Code…

CVSS: 8.8CWE: CWE-19

High

CVE-2016-7272

The Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607…

CVSS: 8.8CWE: CWE-19

High

CVE-2016-7271

The Secure Kernel Mode implementation in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows local users to bypass the virtual trust level (VTL) protection mechanism via a crafte…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-7270

The Data Provider for SQL Server in Microsoft .NET Framework 4.6.2 mishandles a developer-supplied key, which allows remote attackers to bypass the Always Encrypted protection mechanism and obtain se…

CVSS: 7.5CWE: CWE-310

High

CVE-2016-7262

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary comm…

CVSS: 7.8CWE: N/A

High

CVE-2016-7260

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 160…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-7259

The Graphics Component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Wind…

CVSS: 7.8CWE: CWE-19

2016-12-16

Medium

CVE-2016-8826

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) where a user can cause a GPU interrupt storm, leading to a…

CVSS: 5.5CWE: CWE-399

Critical

CVE-2016-9967

Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily re…

CVSS: 9.8CWE: CWE-388

Critical

CVE-2016-9966

Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily re…

CVSS: 9.8CWE: CWE-388

Critical

CVE-2016-9965

Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily re…

CVSS: 9.8CWE: CWE-388

High

CVE-2016-9837

An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5. Inadequate permissions checks in the Beez3 layout override of the com_content article view all…

CVSS: 7.5CWE: CWE-264

Medium

CVE-2016-3129

A remote shell execution vulnerability in the BlackBerry Good Enterprise Mobility Server (GEMS) implementation of the Apache Karaf command shell in GEMS versions 2.1.5.3 to 2.2.22.25 allows remote at…

CVSS: 6.6CWE: N/A

Critical

CVE-2013-1430

An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the u…

CVSS: 9.8CWE: CWE-255

2016-12-15

High

CVE-2015-6574

The SNAP Lite component in certain SISCO MMS-EASE and AX-S4 ICCP products allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet.

CVSS: 7.5CWE: CWE-399

High

CVE-2016-7890

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy.

CVSS: 8.8CWE: N/A

Medium

CVE-2016-6848

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client ("Reflected File Download"). Malicious…

CVSS: 5.5CWE: CWE-254

Medium

CVE-2016-4048

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. Custom messages can be shown at the login screen to notify external users about issues with sharing links. This mechanism can…

CVSS: 4.3CWE: N/A

High

CVE-2016-4028

An issue was discovered in Open-Xchange OX Guard before 2.4.0-rev8. OX Guard uses an authentication token to identify and transfer guest users' credentials. The OX Guard API acts as a padding oracle…

CVSS: 7.5CWE: CWE-255

High

CVE-2015-8542

An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The "getprivkeybyid" API call is used to download a PGP Private Key for a specific user after providing authentication credentials. Cl…

CVSS: 8.8CWE: CWE-320

2016-12-14

Medium

CVE-2016-3685

SAP Download Manager 2.1.142 and earlier generates an encryption key from a small key space on Windows and Mac systems, which allows context-dependent attackers to obtain sensitive configuration info…

CVSS: 4.7CWE: CWE-255

Medium

CVE-2016-3684

SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging k…

CVSS: 4.7CWE: N/A

High

CVE-2016-9215

A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user. More Information: CSCva38434. Known Affected Releas…

CVSS: 7.8CWE: CWE-264

Medium

CVE-2016-9209

A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked. Affected Products: The following…

CVSS: 4.3CWE: CWE-254

High

CVE-2016-9205

A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash, resulting…

CVSS: 7.5CWE: CWE-399

Medium

CVE-2016-9204

A vulnerability in the Cisco Intercloud Fabric (ICF) Director could allow an unauthenticated, remote attacker to connect to internal services with an internal account. Affected Products: Cisco Nexus…

CVSS: 6.5CWE: CWE-255

High

CVE-2016-9198

A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack. More…

CVSS: 7.5CWE: CWE-399

High

CVE-2016-9192

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to t…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-6470

A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb81344. Kno…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-6469

A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the…

CVSS: 7.5CWE: CWE-399

High

CVE-2016-6467

A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected relo…

CVSS: 7.5CWE: CWE-399

High

CVE-2016-6449

A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAM…

CVSS: 7.8CWE: CWE-264

Medium

CVE-2016-1411

A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SM…

CVSS: 5.9CWE: CWE-310

2016-12-13

Critical

CVE-2016-7942

The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.

CVSS: 9.8CWE: CWE-264

High

CVE-2016-6706

An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-5647

The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, 15.36.x through 15.36.30.4385, and 15.40.x through 15.40.4404 on Windows allows local users to cause a denial of service (crash)…

CVSS: 7.8CWE: CWE-264

Medium

CVE-2016-7440

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differen…

CVSS: 5.5CWE: N/A

Medium

CVE-2016-7439

The C software implementation of RSA in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences.

CVSS: 5.5CWE: CWE-310

Medium

CVE-2016-7438

The C software implementation of ECC in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences.

CVSS: 5.5CWE: CWE-310

2016-12-12

Medium

CVE-2016-9633

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.

CVSS: 6.5CWE: CWE-399

2016-12-11

Critical

CVE-2016-9865

An issue was discovered in phpMyAdmin. Due to a bug in serialized string parsing, it was possible to bypass the protection offered by PMA_safeUnserialize() function. All 4.6.x versions (prior to 4.6.…

CVSS: 9.8CWE: CWE-254

High

CVE-2016-9861

An issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to bypass the URL white-list protection. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.…

CVSS: 7.5CWE: CWE-254

Medium

CVE-2016-9851

An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9)…

CVSS: 5.3CWE: CWE-254

Medium

CVE-2016-9850

An issue was discovered in phpMyAdmin. Username matching for the allow/deny rules may result in wrong matches and detection of the username in the rule due to non-constant execution time. All 4.6.x v…

CVSS: 5.3CWE: CWE-254

Critical

CVE-2016-9849

An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x vers…

CVSS: 9.8CWE: CWE-264

Medium

CVE-2016-9847

An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way thi…

CVSS: 5.3CWE: CWE-310

High

CVE-2016-6633

An issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigger a remote code execution attack against certain PHP installations that are running with the dbase extension. All 4.6.x versions…

CVSS: 8.1CWE: N/A

Medium

CVE-2016-6632

An issue was discovered in phpMyAdmin where, under certain conditions, phpMyAdmin may not delete temporary files during the import of ESRI files. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (…

CVSS: 5.9CWE: CWE-399

Critical

CVE-2016-6629

An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by A…

CVSS: 9.8CWE: CWE-254

Medium

CVE-2016-6628

An issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.…

CVSS: 6.3CWE: CWE-254

Medium

CVE-2016-6626

An issue was discovered in phpMyAdmin. An attacker could redirect a user to a malicious web page. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to…

CVSS: 5.4CWE: CWE-254

Medium

CVE-2016-6624

An issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. When phpMyAdmin is used with IPv6 in a proxy server environment, and the proxy server is in…

CVSS: 5.9CWE: CWE-254

Medium

CVE-2016-6622

An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitra…

CVSS: 5.9CWE: CWE-399

Medium

CVE-2016-6618

An issue was discovered in phpMyAdmin. The transformation feature allows a user to trigger a denial-of-service (DoS) attack against the server. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (pr…

CVSS: 6.5CWE: N/A

Medium

CVE-2016-4412

An issue was discovered in phpMyAdmin. A user can be tricked into following a link leading to phpMyAdmin, which after authentication redirects to another malicious site. The attacker must sniff the u…

CVSS: 4.4CWE: CWE-254

2016-12-10

Medium

CVE-2016-7157

The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 functions in hw/scsi/mptconfig.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU…

CVSS: 4.4CWE: N/A

Medium

CVE-2016-7155

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page…

CVSS: 4.4CWE: N/A

Medium

CVE-2016-6835

The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging fail…

CVSS: 6.0CWE: N/A

Medium

CVE-2016-4964

The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU proce…

CVSS: 6.0CWE: N/A

2016-12-09

High

CVE-2016-9014

Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validat…

CVSS: 8.1CWE: CWE-264

High

CVE-2016-6301

The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a…

CVSS: 7.5CWE: CWE-399

Medium

CVE-2015-8786

The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2) lengths_inc…

CVSS: 6.5CWE: CWE-399

High

CVE-2016-8858

The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE:…

CVSS: 7.5CWE: CWE-399

2016-12-08

High

CVE-2016-9120

Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by cal…

CVSS: 7.8CWE: CWE-264

High

CVE-2015-8967

arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileg…

CVSS: 7.8CWE: CWE-264

High

CVE-2015-8966

arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system…

CVSS: 7.8CWE: CWE-264

Medium

CVE-2016-8103

SMM call out in all Intel Branded NUC Kits allows a local privileged user to access the System Management Mode and take full control of the platform.

CVSS: 6.7CWE: CWE-264

High

CVE-2016-8102

Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and before 18.1.1607.3129 allows local users to launch processes with elevated privileges.

CVSS: 7.8CWE: CWE-264

2016-12-03

Critical

CVE-2016-9796

Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs interfaces, which can be queried using the GIOP protocol on TCP port 30024. An attacker can bypass authentication, and OmniVista i…

CVSS: 9.8CWE: CWE-264

2016-12-02

High

CVE-2016-9638

In BMC Patrol before 9.13.10.02, the binary "listguests64" is configured with the setuid bit. However, when executing it, it will look for a binary named "virsh" using the PATH environment variable.…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-9479

The "lost password" functionality in b2evolution before 6.7.9 allows remote attackers to reset arbitrary user passwords via a crafted request.

CVSS: 7.5CWE: CWE-255

2016-11-30

High

CVE-2016-2917

The notifications component in IBM TRIRIGA Applications 10.4 and 10.5 before 10.5.1 allows remote authenticated users to obtain sensitive password information, and consequently gain privileges, via u…

CVSS: 8.8CWE: CWE-264

Medium

CVE-2016-2881

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 and QRadar Incident Forensics 7.2 before 7.2.7 allow remote attackers to bypass intended access restrictions via modified request paramete…

CVSS: 6.5CWE: CWE-254

Low

CVE-2016-2877

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for unspecified directories under the web root, which allows local users to modify data by writing to a file.

CVSS: 3.3CWE: CWE-275

High

CVE-2016-2871

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information by reading a configuration file.

CVSS: 7.8CWE: CWE-255

Medium

CVE-2016-5890

IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote authenticated users to change arbitrary passwords via unspecified vectors.

CVSS: 5.3CWE: CWE-255

Low

CVE-2016-2953

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 does not require SSL, which allows remote attackers to obtain sensitive cleartext information by sniffing the network.

CVSS: 3.7CWE: CWE-310

Low

CVE-2016-2951

IBM BigFix Remote Control before 9.1.3 does not properly set the default encryption strength, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the…

CVSS: 3.7CWE: CWE-310

High

CVE-2016-2936

IBM BigFix Remote Control before 9.1.3 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information via unknown vectors.

CVSS: 7.3CWE: CWE-255

2016-11-29

Medium

CVE-2016-8224

A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Managem…

CVSS: 4.4CWE: CWE-310

2016-11-28

High

CVE-2016-9644

The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows l…

CVSS: 7.8CWE: CWE-264

High

CVE-2015-1328

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem director…

CVSS: 7.8CWE: CWE-264

2016-11-25

High

CVE-2016-2929

IBM BigFix Remote Control before 9.1.3 does not properly restrict password choices, which makes it easier for remote attackers to obtain access via a brute-force approach.

CVSS: 8.1CWE: CWE-254

High

CVE-2016-6745

An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-6744

An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-6743

An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-6742

An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-6741

An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kerne…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-6740

An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kerne…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-6739

An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kerne…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-6738

An elevation of privilege vulnerability in the Qualcomm crypto engine driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of th…

CVSS: 7.8CWE: CWE-264

High

CVE-2016-6737

An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel.…

CVSS: 7.8CWE: CWE-264

High