| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-7521 | Hig | 0.54 | 8.3 | 0.06 | Jan 29, 2016 | The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0 and 1.2.1, on clusters protected by Ranger and SqlStdHiveAuthorization, allows attackers to bypass intended parent table access restrictions via unspecified partition-level operations. | ||
| CVE-2016-1882 | Hig | 0.49 | 7.5 | 0.02 | Jan 29, 2016 | FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9 allow remote attackers to cause a denial of service (kernel crash) via vectors related to creating a TCP connection with the TCP_MD5SIG and TCP_NOOPT socket options. | ||
| CVE-2016-1879 | Hig | 0.53 | 7.5 | 0.14 | Jan 29, 2016 | The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service (assertion failure or NULL pointer dereference and kernel panic)… | ||
| CVE-2015-8770 | Hig | 0.54 | 7.5 | 0.22 | Jan 29, 2016 | Directory traversal vulnerability in the set_skin function in program/include/rcmail_output_html.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a ..… | ||
| CVE-2015-7464 | Hig | 0.49 | 7.5 | 0.01 | Jan 29, 2016 | Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote attackers to cause a denial of service (Report Builder server outage) via a crafted request to a Report Builder instance URL. | ||
| CVE-2015-6421 | Hig | 0.49 | 7.5 | 0.02 | Jan 27, 2016 | cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service (resource consumption and device reload) via crafted… | ||
| CVE-2016-1983 | Hig | 0.49 | 7.5 | 0.03 | Jan 27, 2016 | The client_host function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header. | ||
| CVE-2016-1982 | Hig | 0.49 | 7.5 | 0.03 | Jan 27, 2016 | The remove_chunked_transfer_coding function in filters.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via crafted chunk-encoded content. | ||
| CVE-2015-8618 | Hig | 0.49 | 7.5 | 0.03 | Jan 27, 2016 | The Int.Exp Montgomery code in the math/big library in Go 1.5.x before 1.5.3 mishandles carry propagation and produces incorrect output, which makes it easier for attackers to obtain private RSA keys via unspecified vectors. | ||
| CVE-2016-1567 | Hig | 0.53 | 8.1 | 0.03 | Jan 26, 2016 | chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key." | ||
| CVE-2016-1491 | Hig | 0.57 | 8.8 | 0.02 | Jan 26, 2016 | The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area. | ||
| CVE-2016-1489 | Hig | 0.52 | 8.0 | 0.02 | Jan 26, 2016 | Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors. | ||
| CVE-2016-1233 | Hig | 0.51 | 7.8 | 0.00 | Jan 26, 2016 | An unspecified udev rule in the Debian fuse package in jessie before 2.9.3-15+deb8u2, in stretch before 2.9.5-1, and in sid before 2.9.5-1 sets world-writable permissions for the /dev/cuse character device, which allows local users to gain privileges via a character device in… | ||
| CVE-2015-8379 | Hig | 0.50 | 8.8 | 0.01 | Jan 26, 2016 | CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the _method parameter. | ||
| CVE-2015-7974 | Hig | 0.51 | 7.7 | 0.06 | Jan 26, 2016 | NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key." | ||
| CVE-2016-2052 | Hig | 0.42 | 7.6 | 0.01 | Jan 25, 2016 | Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check… | ||
| CVE-2016-1620 | Hig | 0.57 | 8.8 | 0.01 | Jan 25, 2016 | Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
| CVE-2016-1619 | Hig | 0.49 | 7.6 | 0.01 | Jan 25, 2016 | Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service (out-of-bounds read) or possibly have… | ||
| CVE-2016-1613 | Hig | 0.49 | 7.6 | 0.01 | Jan 25, 2016 | Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to improper… | ||
| CVE-2016-1612 | Hig | 0.49 | 7.6 | 0.01 | Jan 25, 2016 | The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0.2564.82, does not ensure receiver compatibility before performing a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have… | ||
| CVE-2016-1572 | Hig | 0.55 | 8.4 | 0.00 | Jan 22, 2016 | mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid. | ||
| CVE-2016-1570 | Hig | 0.55 | 8.5 | 0.01 | Jan 22, 2016 | The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1)… | ||
| CVE-2015-6925 | Hig | 0.49 | 7.5 | 0.03 | Jan 22, 2016 | wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to cause a denial of service (resource consumption or traffic amplification) via a crafted DTLS cookie in a ClientHello message. | ||
| CVE-2016-1134 | Hig | 0.57 | 8.8 | 0.01 | Jan 22, 2016 | Cross-site request forgery (CSRF) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and earlier, WHR-300HP2 devices with firmware 1.90 and earlier, WHR-600D devices… | ||
| CVE-2015-7909 | Hig | 0.48 | 7.3 | 0.01 | Jan 22, 2016 | Stack-based buffer overflow in Hospira Communication Engine (CE) before 1.2 in LifeCare PCA Infusion System 5.07, Plum A+ Infusion System 13.40, and Plum A+3 Infusion System 13.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via… | ||
| CVE-2015-8472 | Hig | 0.48 | 7.3 | 0.06 | Jan 21, 2016 | Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified… | ||
| CVE-2015-5516 | Hig | 0.49 | 7.5 | 0.03 | Jan 20, 2016 | Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6,… | ||
| CVE-2015-8705 | Hig | 0.46 | 7.0 | 0.08 | Jan 20, 2016 | buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS option. | ||
| CVE-2016-1296 | Hig | 0.49 | 7.5 | 0.02 | Jan 20, 2016 | The proxy engine on Cisco Web Security Appliance (WSA) devices with software 8.5.3-055, 9.1.0-000, and 9.5.0-235 allows remote attackers to bypass intended proxy restrictions via a malformed HTTP method, aka Bug ID CSCux00848. | ||
| CVE-2016-1904 | Hig | 0.41 | 7.3 | 0.03 | Jan 19, 2016 | Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based… | ||
| CVE-2015-8616 | Hig | 0.56 | 8.6 | 0.02 | Jan 19, 2016 | Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collator_sort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging the relationships… | ||
| CVE-2015-6836 | Hig | 0.48 | 7.3 | 0.10 | Jan 19, 2016 | The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the… | ||
| CVE-2015-6833 | Hig | 0.49 | 7.5 | 0.05 | Jan 19, 2016 | Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call. | ||
| CVE-2015-6832 | Hig | 0.48 | 7.3 | 0.05 | Jan 19, 2016 | Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field. | ||
| CVE-2015-6831 | Hig | 0.48 | 7.3 | 0.07 | Jan 19, 2016 | Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled… | ||
| CVE-2015-6527 | Hig | 0.48 | 7.3 | 0.04 | Jan 19, 2016 | The php_str_replace_in_subject function in ext/standard/string.c in PHP 7.x before 7.0.0 allows remote attackers to execute arbitrary code via a crafted value in the third argument to the str_ireplace function. | ||
| CVE-2015-5590 | Hig | 0.48 | 7.3 | 0.05 | Jan 19, 2016 | Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value, as… | ||
| CVE-2015-4988 | Hig | 0.56 | 8.6 | 0.03 | Jan 18, 2016 | Directory traversal vulnerability in the replay server in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows remote attackers to… | ||
| CVE-2015-7470 | Hig | 0.49 | 7.5 | 0.01 | Jan 17, 2016 | Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors, as demonstrated by login information. | ||
| CVE-2015-6863 | Hig | 0.48 | 7.3 | 0.02 | Jan 16, 2016 | HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. | ||
| CVE-2016-0860 | Hig | 0.49 | 7.5 | 0.05 | Jan 15, 2016 | Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service via a crafted RPC request. | ||
| CVE-2016-0858 | Hig | 0.53 | 8.1 | 0.05 | Jan 15, 2016 | Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request. | ||
| CVE-2016-0855 | Hig | 0.49 | 7.5 | 0.05 | Jan 15, 2016 | Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors. | ||
| CVE-2016-0853 | Hig | 0.49 | 7.5 | 0.02 | Jan 15, 2016 | Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input. | ||
| CVE-2016-0852 | Hig | 0.49 | 7.5 | 0.02 | Jan 15, 2016 | Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors. | ||
| CVE-2016-0851 | Hig | 0.49 | 7.5 | 0.02 | Jan 15, 2016 | Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors. | ||
| CVE-2015-8281 | Hig | 0.49 | 7.5 | 0.04 | Jan 15, 2016 | Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations. | ||
| CVE-2015-8280 | Hig | 0.49 | 7.5 | 0.06 | Jan 15, 2016 | Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages. | ||
| CVE-2015-8279 | Hig | 0.63 | 8.6 | 0.51 | Jan 15, 2016 | Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script. | ||
| CVE-2015-6467 | Hig | 0.53 | 8.1 | 0.04 | Jan 15, 2016 | Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code via vectors involving a browser plugin. |
- risk 0.54cvss 8.3epss 0.06
The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0 and 1.2.1, on clusters protected by Ranger and SqlStdHiveAuthorization, allows attackers to bypass intended parent table access restrictions via unspecified partition-level operations.
- risk 0.49cvss 7.5epss 0.02
FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9 allow remote attackers to cause a denial of service (kernel crash) via vectors related to creating a TCP connection with the TCP_MD5SIG and TCP_NOOPT socket options.
- risk 0.53cvss 7.5epss 0.14
The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service (assertion failure or NULL pointer dereference and kernel panic)…
- risk 0.54cvss 7.5epss 0.22
Directory traversal vulnerability in the set_skin function in program/include/rcmail_output_html.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a ..…
- risk 0.49cvss 7.5epss 0.01
Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote attackers to cause a denial of service (Report Builder server outage) via a crafted request to a Report Builder instance URL.
- risk 0.49cvss 7.5epss 0.02
cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service (resource consumption and device reload) via crafted…
- risk 0.49cvss 7.5epss 0.03
The client_host function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header.
- risk 0.49cvss 7.5epss 0.03
The remove_chunked_transfer_coding function in filters.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via crafted chunk-encoded content.
- risk 0.49cvss 7.5epss 0.03
The Int.Exp Montgomery code in the math/big library in Go 1.5.x before 1.5.3 mishandles carry propagation and produces incorrect output, which makes it easier for attackers to obtain private RSA keys via unspecified vectors.
- risk 0.53cvss 8.1epss 0.03
chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
- risk 0.57cvss 8.8epss 0.02
The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
- risk 0.52cvss 8.0epss 0.02
Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors.
- risk 0.51cvss 7.8epss 0.00
An unspecified udev rule in the Debian fuse package in jessie before 2.9.3-15+deb8u2, in stretch before 2.9.5-1, and in sid before 2.9.5-1 sets world-writable permissions for the /dev/cuse character device, which allows local users to gain privileges via a character device in…
- risk 0.50cvss 8.8epss 0.01
CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the _method parameter.
- risk 0.51cvss 7.7epss 0.06
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
- risk 0.42cvss 7.6epss 0.01
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check…
- risk 0.57cvss 8.8epss 0.01
Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
- risk 0.49cvss 7.6epss 0.01
Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service (out-of-bounds read) or possibly have…
- risk 0.49cvss 7.6epss 0.01
Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to improper…
- risk 0.49cvss 7.6epss 0.01
The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0.2564.82, does not ensure receiver compatibility before performing a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have…
- risk 0.55cvss 8.4epss 0.00
mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
- risk 0.55cvss 8.5epss 0.01
The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1)…
- risk 0.49cvss 7.5epss 0.03
wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to cause a denial of service (resource consumption or traffic amplification) via a crafted DTLS cookie in a ClientHello message.
- risk 0.57cvss 8.8epss 0.01
Cross-site request forgery (CSRF) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and earlier, WHR-300HP2 devices with firmware 1.90 and earlier, WHR-600D devices…
- risk 0.48cvss 7.3epss 0.01
Stack-based buffer overflow in Hospira Communication Engine (CE) before 1.2 in LifeCare PCA Infusion System 5.07, Plum A+ Infusion System 13.40, and Plum A+3 Infusion System 13.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via…
- risk 0.48cvss 7.3epss 0.06
Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified…
- risk 0.49cvss 7.5epss 0.03
Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6,…
- risk 0.46cvss 7.0epss 0.08
buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS option.
- risk 0.49cvss 7.5epss 0.02
The proxy engine on Cisco Web Security Appliance (WSA) devices with software 8.5.3-055, 9.1.0-000, and 9.5.0-235 allows remote attackers to bypass intended proxy restrictions via a malformed HTTP method, aka Bug ID CSCux00848.
- risk 0.41cvss 7.3epss 0.03
Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based…
- risk 0.56cvss 8.6epss 0.02
Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collator_sort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging the relationships…
- risk 0.48cvss 7.3epss 0.10
The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the…
- risk 0.49cvss 7.5epss 0.05
Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call.
- risk 0.48cvss 7.3epss 0.05
Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field.
- risk 0.48cvss 7.3epss 0.07
Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled…
- risk 0.48cvss 7.3epss 0.04
The php_str_replace_in_subject function in ext/standard/string.c in PHP 7.x before 7.0.0 allows remote attackers to execute arbitrary code via a crafted value in the third argument to the str_ireplace function.
- risk 0.48cvss 7.3epss 0.05
Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value, as…
- risk 0.56cvss 8.6epss 0.03
Directory traversal vulnerability in the replay server in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows remote attackers to…
- risk 0.49cvss 7.5epss 0.01
Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors, as demonstrated by login information.
- risk 0.48cvss 7.3epss 0.02
HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component.
- risk 0.49cvss 7.5epss 0.05
Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service via a crafted RPC request.
- risk 0.53cvss 8.1epss 0.05
Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request.
- risk 0.49cvss 7.5epss 0.05
Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors.
- risk 0.49cvss 7.5epss 0.02
Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input.
- risk 0.49cvss 7.5epss 0.02
Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors.
- risk 0.49cvss 7.5epss 0.02
Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors.
- risk 0.49cvss 7.5epss 0.04
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations.
- risk 0.49cvss 7.5epss 0.06
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages.
- risk 0.63cvss 8.6epss 0.51
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script.
- risk 0.53cvss 8.1epss 0.04
Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code via vectors involving a browser plugin.