VYPR

CVEs

100,082 total · page 1954 of 2,002

  • CVE-2016-5639HigAug 3, 2016
    risk 0.53cvss 7.5epss 0.21

    Directory traversal vulnerability in cgi-bin/login.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter.

  • CVE-2016-6258HigAug 2, 2016
    risk 0.57cvss 8.8epss 0.00

    The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.

  • CVE-2016-6232HigAug 2, 2016
    risk 0.49cvss 7.5epss 0.04

    Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads.

  • CVE-2016-6193HigAug 2, 2016
    risk 0.51cvss 7.8epss 0.01

    Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6192.

  • CVE-2016-6192HigAug 2, 2016
    risk 0.48cvss 7.3epss 0.01

    Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6193.

  • CVE-2016-2408HigAug 2, 2016
    risk 0.51cvss 7.8epss 0.00

    Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service before 8.2R2 and below for Windows allow restricted users to gain privileges via unspecified vectors.

  • CVE-2016-1712HigAug 2, 2016
    risk 0.51cvss 7.8epss 0.00

    Palo Alto Networks PAN-OS before 5.0.19, 5.1.x before 5.1.12, 6.0.x before 6.0.14, 6.1.x before 6.1.12, and 7.0.x before 7.0.8 might allow local users to gain privileges by leveraging improper sanitization of the root_reboot local invocation.

  • CVE-2016-6185HigAug 2, 2016
    risk 0.51cvss 7.8epss 0.01

    The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.

  • CVE-2016-1238HigAug 2, 2016
    risk 0.51cvss 7.8epss 0.01

    (1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10)…

  • CVE-2016-5672HigAug 1, 2016
    risk 0.53cvss 8.1epss 0.02

    Intel Crosswalk before 19.49.514.5, 20.x before 20.50.533.11, 21.x before 21.51.546.0, and 22.x before 22.51.549.0 interprets a user's acceptance of one invalid X.509 certificate to mean that all invalid X.509 certificates should be accepted without prompting, which makes it…

  • CVE-2016-5138HigAug 1, 2016
    risk 0.57cvss 8.8epss 0.01

    Integer overflow in the kbasep_vinstr_attach_client function in midgard/mali_kbase_vinstr.c in Google Chrome before 52.0.2743.85 allows remote attackers to cause a denial of service (heap-based buffer overflow and use-after-free) by leveraging an unrestricted multiplication.

  • CVE-2016-4834HigAug 1, 2016
    risk 0.53cvss 8.1epss 0.02

    modules/Users/actions/Save.php in Vtiger CRM 6.4.0 and earlier does not properly restrict user-save actions, which allows remote authenticated users to create or modify user accounts via unspecified vectors.

  • CVE-2016-2180HigAug 1, 2016
    risk 0.44cvss 7.5epss 0.29

    The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp…

  • CVE-2016-1611HigAug 1, 2016
    risk 0.54cvss 7.8epss 0.01

    Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands.

  • CVE-2016-1610HigAug 1, 2016
    risk 0.53cvss 7.5epss 0.12

    Directory traversal vulnerability in the email-template feature in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote attackers to bypass intended access restrictions and write to arbitrary files via a .. (dot dot) in a blob name.

  • CVE-2016-1608HigAug 1, 2016
    risk 0.61cvss 8.8epss 0.11

    vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter.

  • CVE-2016-1607HigAug 1, 2016
    risk 0.50cvss 7.2epss 0.03

    Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administrators, as demonstrated by reconfiguring time settings via a vaconfig/time…

  • CVE-2016-1461HigAug 1, 2016
    risk 0.49cvss 7.5epss 0.02

    Cisco AsyncOS on Email Security Appliance (ESA) devices through 9.7.0-125 allows remote attackers to bypass malware detection via a crafted attachment in an e-mail message, aka Bug ID CSCuz14932.

  • CVE-2016-4469HigJul 28, 2016
    risk 0.61cvss 8.8epss 0.08

    Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repository proxy connectors via the token parameter to…

  • CVE-2016-4531HigJul 28, 2016
    risk 0.48cvss 7.3epss 0.08

    Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

  • CVE-2016-1463HigJul 28, 2016
    risk 0.49cvss 7.5epss 0.02

    Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737.

  • CVE-2016-1374HigJul 28, 2016
    risk 0.57cvss 8.8epss 0.03

    The web framework in Cisco Unified Computing System (UCS) Performance Manager 2.0.0 and earlier allows remote authenticated users to execute arbitrary commands via crafted parameters in a GET request, aka Bug ID CSCuy07827.

  • CVE-2015-5738HigJul 26, 2016
    risk 0.49cvss 7.5epss 0.02

    The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel…

  • CVE-2016-6152HigJul 26, 2016
    risk 0.57cvss 8.8epss 0.03

    CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors.

  • CVE-2016-6151HigJul 26, 2016
    risk 0.57cvss 8.8epss 0.03

    CA eHealth 6.2.x allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors.

  • CVE-2016-6297HigJul 25, 2016
    risk 0.58cvss 8.8epss 0.05

    Integer overflow in the php_stream_zip_opener function in ext/zip/zip_stream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a…

  • CVE-2016-6289HigJul 25, 2016
    risk 0.51cvss 7.8epss 0.04

    Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_cwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted…

  • CVE-2016-5136HigJul 23, 2016
    risk 0.57cvss 8.8epss 0.01

    Use-after-free vulnerability in extensions/renderer/user_script_injector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to script deletion.

  • CVE-2016-5134HigJul 23, 2016
    risk 0.57cvss 8.8epss 0.02

    net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome before 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows remote attackers to discover credentials by operating a server with a PAC script, a…

  • CVE-2016-5132HigJul 23, 2016
    risk 0.57cvss 8.8epss 0.01

    The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows remote attackers to bypass the Same Origin Policy via an https IFRAME element…

  • CVE-2016-5131HigJul 23, 2016
    risk 0.57cvss 8.8epss 0.02

    Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.

  • CVE-2016-5129HigJul 23, 2016
    risk 0.57cvss 8.8epss 0.02

    Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.

  • CVE-2016-5128HigJul 23, 2016
    risk 0.57cvss 8.8epss 0.01

    objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

  • CVE-2016-5127HigJul 23, 2016
    risk 0.49cvss 7.5epss 0.01

    Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import…

  • CVE-2016-1711HigJul 23, 2016
    risk 0.57cvss 8.8epss 0.01

    WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

  • CVE-2016-1710HigJul 23, 2016
    risk 0.57cvss 8.8epss 0.01

    The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

  • CVE-2016-1709HigJul 23, 2016
    risk 0.50cvss 8.8epss 0.01

    Heap-based buffer overflow in the ByteArray::Get method in data/byte_array.cc in Google sfntly before 2016-06-10, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SFNT font.

  • CVE-2016-1708HigJul 23, 2016
    risk 0.57cvss 8.8epss 0.01

    The Chrome Web Store inline-installation implementation in the Extensions subsystem in Google Chrome before 52.0.2743.82 does not properly consider object lifetimes during progress observation, which allows remote attackers to cause a denial of service (use-after-free) or…

  • CVE-2016-1705HigJul 23, 2016
    risk 0.57cvss 8.8epss 0.01

    Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2016-5874HigJul 22, 2016
    risk 0.49cvss 7.5epss 0.04

    Siemens SIMATIC NET PC-Software before 13 SP2 allows remote attackers to cause a denial of service (OPC UA service outage) via crafted TCP packets.

  • CVE-2016-5744HigJul 22, 2016
    risk 0.49cvss 7.5epss 0.04

    Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets.

  • CVE-2016-4653HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.00

    The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4582.

  • CVE-2016-4647HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.00

    Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file.

  • CVE-2016-4641HigJul 22, 2016
    risk 0.48cvss 7.3epss 0.01

    Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or obtain sensitive user information via a crafted app that leverages a "type confusion."

  • CVE-2016-4640HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.01

    Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4639HigJul 22, 2016
    risk 0.46cvss 7.0epss 0.00

    Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors.

  • CVE-2016-4638HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.01

    Login Window in Apple OS X before 10.11.6 allows attackers to gain privileges via a crafted app that leverages a "type confusion."

  • CVE-2016-4637HigJul 22, 2016
    risk 0.58cvss 8.8epss 0.04

    CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image.

  • CVE-2016-4634HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.00

    The Graphics Drivers subsystem in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2016-4633HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.00

    Intel Graphics Driver in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.