VYPR

CVEs

100,075 total · page 1935 of 2,002

  • CVE-2016-6609HigDec 11, 2016
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

  • CVE-2016-6606HigDec 11, 2016
    risk 0.53cvss 8.1epss 0.01

    An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same…

  • CVE-2016-5424HigDec 9, 2016
    risk 0.47cvss 7.1epss 0.05

    PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage…

  • CVE-2016-5423HigDec 9, 2016
    risk 0.54cvss 8.3epss 0.06

    PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute…

  • CVE-2016-6321HigDec 9, 2016
    risk 0.50cvss 7.5epss 0.15

    Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka…

  • CVE-2016-9014HigDec 9, 2016
    risk 0.46cvss 8.1epss 0.06

    Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.

  • CVE-2016-6301HigDec 9, 2016
    risk 0.49cvss 7.5epss 0.09

    The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop.

  • CVE-2016-8858HigDec 9, 2016
    risk 0.51cvss 7.5epss 0.29

    The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a…

  • CVE-2016-9120HigDec 8, 2016
    risk 0.51cvss 7.8epss 0.02

    Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by calling ION_IOC_FREE on two CPUs at the same time.

  • CVE-2015-8967HigDec 8, 2016
    risk 0.44cvss 7.8epss 0.01

    arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileges, by leveraging write access.

  • CVE-2015-8966HigDec 8, 2016
    risk 0.44cvss 7.8epss 0.01

    arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call.

  • CVE-2016-9920HigDec 8, 2016
    risk 0.49cvss 7.5epss 0.06

    steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2.3, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom envelope-from addresses on the sendmail command line, which allows remote authenticated…

  • CVE-2016-9919HigDec 8, 2016
    risk 0.49cvss 7.5epss 0.06

    The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet.

  • CVE-2016-8102HigDec 8, 2016
    risk 0.51cvss 7.8epss 0.00

    Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and before 18.1.1607.3129 allows local users to launch processes with elevated privileges.

  • CVE-2016-9918HigDec 8, 2016
    risk 0.49cvss 7.5epss 0.03

    In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.

  • CVE-2016-9917HigDec 8, 2016
    risk 0.49cvss 7.5epss 0.04

    In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

  • CVE-2016-9839HigDec 8, 2016
    risk 0.49cvss 7.5epss 0.01

    In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails.

  • CVE-2016-8655HigDec 8, 2016
    risk 0.55cvss 7.8epss 0.11

    Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and…

  • CVE-2015-8870HigDec 6, 2016
    risk 0.48cvss 7.4epss 0.02

    Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file.

  • CVE-2016-8740HigDec 5, 2016
    risk 0.58cvss 7.5epss 0.79

    The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in…

  • CVE-2016-9156HigDec 5, 2016
    risk 0.48cvss 7.3epss 0.02

    A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/TCP.

  • CVE-2016-9638HigDec 2, 2016
    risk 0.51cvss 7.8epss 0.00

    In BMC Patrol before 9.13.10.02, the binary "listguests64" is configured with the setuid bit. However, when executing it, it will look for a binary named "virsh" using the PATH environment variable. The "listguests64" program will then run "virsh" using root privileges. This…

  • CVE-2016-9479HigDec 2, 2016
    risk 0.49cvss 7.5epss 0.02

    The "lost password" functionality in b2evolution before 6.7.9 allows remote attackers to reset arbitrary user passwords via a crafted request.

  • CVE-2016-9752HigDec 1, 2016
    risk 0.56cvss 8.6epss 0.01

    In Serendipity before 2.0.5, an attacker can bypass SSRF protection by using a malformed IP address (e.g., http://127.1) or a 30x (aka Redirection) HTTP status code.

  • CVE-2016-3055HigDec 1, 2016
    risk 0.53cvss 8.1epss 0.01

    IBM FileNet Workplace 4.0.2 before 4.0.2.14 LA012 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML…

  • CVE-2016-3033HigDec 1, 2016
    risk 0.53cvss 8.1epss 0.01

    IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External…

  • CVE-2016-3012HigDec 1, 2016
    risk 0.49cvss 7.5epss 0.02

    IBM API Connect (aka APIConnect) before 5.0.3.0 with NPM before 2.2.8 includes certain internal server credentials in the software package, which might allow remote attackers to bypass intended access restrictions by leveraging knowledge of these credentials.

  • CVE-2016-2946HigDec 1, 2016
    risk 0.51cvss 7.8epss 0.00

    Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring (ITM) 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors.

  • CVE-2016-2917HigNov 30, 2016
    risk 0.57cvss 8.8epss 0.01

    The notifications component in IBM TRIRIGA Applications 10.4 and 10.5 before 10.5.1 allows remote authenticated users to obtain sensitive password information, and consequently gain privileges, via unspecified vectors.

  • CVE-2016-2887HigNov 30, 2016
    risk 0.53cvss 8.1epss 0.01

    IBM IMS Enterprise Suite Data Provider before 3.2.0.1 for Microsoft .NET allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.

  • CVE-2016-2884HigNov 30, 2016
    risk 0.52cvss 8.0epss 0.00

    Cross-site request forgery (CSRF) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3.1, in an unspecified non-default configuration, allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

  • CVE-2016-2878HigNov 30, 2016
    risk 0.52cvss 8.0epss 0.00

    Multiple cross-site request forgery (CSRF) vulnerabilities in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

  • CVE-2016-2876HigNov 30, 2016
    risk 0.49cvss 7.5epss 0.02

    IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an incorrect privilege level, which makes it easier for remote authenticated users to obtain root access by leveraging a command-injection issue.

  • CVE-2016-2873HigNov 30, 2016
    risk 0.57cvss 8.8epss 0.01

    SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2016-2871HigNov 30, 2016
    risk 0.51cvss 7.8epss 0.00

    IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information by reading a configuration file.

  • CVE-2016-9564HigNov 30, 2016
    risk 0.49cvss 7.5epss 0.01

    Buffer overflow in send_redirect() in Boa Webserver 0.92r allows remote attackers to DoS via an HTTP GET request requesting a long URI with only '/' and '.' characters.

  • CVE-2016-2963HigNov 30, 2016
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

  • CVE-2016-2948HigNov 30, 2016
    risk 0.51cvss 7.8epss 0.00

    IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via unspecified vectors.

  • CVE-2016-2936HigNov 30, 2016
    risk 0.48cvss 7.3epss 0.01

    IBM BigFix Remote Control before 9.1.3 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information via unknown vectors.

  • CVE-2016-8223HigNov 29, 2016
    risk 0.51cvss 7.8epss 0.00

    During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with local privileges could run arbitrary code with administrator level privileges.

  • CVE-2016-1251HigNov 29, 2016
    risk 0.46cvss 8.1epss 0.03

    There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare=1.

  • CVE-2016-1247HigNov 29, 2016
    risk 0.54cvss 7.8epss 0.05

    The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local…

  • CVE-2016-5685HigNov 29, 2016
    risk 0.57cvss 8.8epss 0.02

    Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection.

  • CVE-2016-5393HigNov 29, 2016
    risk 0.57cvss 8.8epss 0.03

    In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service.

  • CVE-2016-9644HigNov 28, 2016
    risk 0.51cvss 7.8epss 0.01

    The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted…

  • CVE-2016-9313HigNov 28, 2016
    risk 0.51cvss 7.8epss 0.02

    security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allows local users to cause a denial of service (NULL pointer dereference and panic) or possibly have unspecified…

  • CVE-2016-9084HigNov 28, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.

  • CVE-2016-9083HigNov 28, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS…

  • CVE-2016-8632HigNov 28, 2016
    risk 0.51cvss 7.8epss 0.00

    The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer…

  • CVE-2015-1328HigNov 28, 2016
    risk 0.57cvss 7.8epss 0.38

    The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration…