VYPR

CVEs

27,348 total · page 526 of 547

  • CVE-2016-5788CriNov 25, 2016
    risk 0.65cvss 10.0epss 0.02

    General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via unspecified vectors.

  • CVE-2016-3028CriNov 25, 2016
    risk 0.59cvss 9.1epss 0.04

    IBM Security Access Manager for Web 7.0 before IF2 and 8.0 before 8.0.1.4 IF3 and Security Access Manager 9.0 before 9.0.1.0 IF5 allow remote authenticated users to execute arbitrary commands by leveraging LMI admin access.

  • CVE-2016-9540CriNov 22, 2016
    risk 0.64cvss 9.8epss 0.04

    tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."

  • CVE-2016-9539CriNov 22, 2016
    risk 0.64cvss 9.8epss 0.03

    tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092.

  • CVE-2016-9538CriNov 22, 2016
    risk 0.64cvss 9.8epss 0.03

    tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. Reported as MSVR 35100.

  • CVE-2016-9537CriNov 22, 2016
    risk 0.64cvss 9.8epss 0.03

    tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers. Reported as MSVR 35093, MSVR 35096, and MSVR 35097.

  • CVE-2016-9536CriNov 22, 2016
    risk 0.64cvss 9.8epss 0.03

    tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow."

  • CVE-2016-9535CriNov 22, 2016
    risk 0.64cvss 9.8epss 0.05

    tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow."

  • CVE-2016-9534CriNov 22, 2016
    risk 0.64cvss 9.8epss 0.04

    tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. Reported as MSVR 35095, aka "TIFFFlushData1 heap-buffer-overflow."

  • CVE-2016-9533CriNov 22, 2016
    risk 0.64cvss 9.8epss 0.03

    tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094, aka "PixarLog horizontalDifference heap-buffer-overflow."

  • CVE-2016-9155CriNov 22, 2016
    risk 0.64cvss 9.8epss 0.02

    The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1.41_SP18_S1; CCPW3025, CCPW5025 prior to version 0.1.73_S1; CCMD3025-DN18 prior to version v1.394_S1; CCID1445-DN18, CCID1445-DN28, CCID1145-DN36, CFIS1425, CCIS1425, CFMS2025,…

  • CVE-2016-9150CriNov 19, 2016
    risk 0.69cvss 9.8epss 0.35

    Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2016-5763CriNov 15, 2016
    risk 0.59cvss 9.1epss 0.02

    Vulnerability in Novell Open Enterprise Server (OES2015 SP1 before Scheduled Maintenance Update 10992, OES2015 before Scheduled Maintenance Update 10990, OES11 SP3 before Scheduled Maintenance Update 10991, OES11 SP2 before Scheduled Maintenance Update 10989) might allow…

  • CVE-2016-9287CriNov 15, 2016
    risk 0.64cvss 9.8epss 0.01

    In /framework/modules/notfound/controllers/notfoundController.php of Exponent CMS 2.4.0 patch1, untrusted input is passed into getSearchResults. The method getSearchResults is defined in the search model with the parameter '$term' used directly in SQL. Impact is a SQL injection.

  • CVE-2016-8902CriNov 14, 2016
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in the categoriesServlet servlet in dotCMS before 3.3.1 allows remote not authenticated attackers to execute arbitrary SQL commands via the sort parameter.

  • CVE-2016-9288CriNov 11, 2016
    risk 0.64cvss 9.8epss 0.01

    In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the parameter "target" of function "DragnDropReRank" is directly used without any filtration which caused SQL injection. The payload can be used like this:…

  • CVE-2016-9272CriNov 11, 2016
    risk 0.59cvss 9.1epss 0.02

    A Blind SQL Injection Vulnerability in Exponent CMS through 2.4.0, with the rerank array parameter, can lead to site database information disclosure and denial of service.

  • CVE-2016-7489CriNov 10, 2016
    risk 0.64cvss 9.8epss 0.04

    Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution.

  • CVE-2016-4095CriNov 10, 2016
    risk 0.64cvss 9.8epss 0.04

    Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via…

  • CVE-2016-8869CriNov 4, 2016
    risk 0.74cvss 9.8epss 0.97

    The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site.

  • CVE-2016-9176CriNov 4, 2016
    risk 0.64cvss 9.8epss 0.03

    Stack buffer overflow in the send.exe and receive.exe components of Micro Focus Rumba 9.4 and earlier could be used by local attackers or attackers able to inject arguments to these binaries to execute code.

  • CVE-2016-6452CriNov 3, 2016
    risk 0.64cvss 9.8epss 0.03

    A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. Cisco Prime Home versions 5.1.1.6 and earlier and 5.2.2.2…

  • CVE-2016-6448CriNov 3, 2016
    risk 0.64cvss 9.8epss 0.04

    A vulnerability in the Session Description Protocol (SDP) parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to…

  • CVE-2016-6447CriNov 3, 2016
    risk 0.64cvss 9.8epss 0.03

    A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to 2.0.1, Acano Server releases prior…

  • CVE-2016-6441CriNov 3, 2016
    risk 0.64cvss 9.8epss 0.05

    A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. This vulnerability affects Cisco ASR 900 Series Aggregation Services…

  • CVE-2016-7453CriNov 3, 2016
    risk 0.64cvss 9.8epss 0.01

    The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection.

  • CVE-2016-7402CriNov 3, 2016
    risk 0.64cvss 9.8epss 0.01

    SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa (system administrator) via dbcc import_sproc SQL injection.

  • CVE-2016-7095CriNov 3, 2016
    risk 0.64cvss 9.8epss 0.02

    Exponent CMS before 2.3.9 is vulnerable to an attacker uploading a malicious script file using redirection to place the script in an unprotected folder, one allowing script execution.

  • CVE-2015-8969CriNov 3, 2016
    risk 0.57cvss 9.8epss 0.05

    git-fastclone before 1.0.5 passes user modifiable strings directly to a shell command. An attacker can execute malicious commands by modifying the strings that are passed as arguments to "cd " and "git clone " commands in the library.

  • CVE-2016-7990CriOct 31, 2016
    risk 0.64cvss 9.8epss 0.02

    On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so when parsing OMACP messages (within WAP Push SMS messages) leading to a heap corruption that can result in Denial of Service and potentially remote code execution, a subset of…

  • CVE-2016-7505CriOct 29, 2016
    risk 0.64cvss 9.8epss 0.03

    A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. MuJS before 8c805b4eb19cf2af689c860b77e6111d2ee439d5. A successful exploitation of this issue can lead to code execution or denial of service condition.

  • CVE-2016-7504CriOct 29, 2016
    risk 0.64cvss 9.8epss 0.03

    A use-after-free vulnerability was observed in Rp_toString function of Artifex Software, Inc. MuJS before 5c337af4b3df80cf967e4f9f6a21522de84b392a. A successful exploitation of this issue can lead to code execution or denial of service condition.

  • CVE-2016-8598CriOct 28, 2016
    risk 0.64cvss 9.8epss 0.02

    Buffer overflow in the zmq interface in csp_if_zmqhub.c in the libcsp library v1.4 and earlier allows hostile computers connected via a zmq interface to execute arbitrary code via a long packet.

  • CVE-2016-8597CriOct 28, 2016
    risk 0.64cvss 9.8epss 0.02

    Buffer overflow in the csp_sfp_recv_fp in csp_sfp.c in the libcsp library v1.4 and earlier allows hostile components with network access to the SFP underlying network layers to execute arbitrary code via specially crafted SFP packets.

  • CVE-2016-8596CriOct 28, 2016
    risk 0.64cvss 9.8epss 0.02

    Buffer overflow in the csp_can_process_frame in csp_if_can.c in the libcsp library v1.4 and earlier allows hostile components connected to the canbus to execute arbitrary code via a long csp packet.

  • CVE-2016-8582CriOct 28, 2016
    risk 0.71cvss 9.8epss 0.57

    A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL query and retrieve database information or read local system files via MySQL's LOAD_FILE.

  • CVE-2016-8580CriOct 28, 2016
    risk 0.67cvss 9.8epss 0.07

    PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM before 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes.

  • CVE-2016-8339CriOct 28, 2016
    risk 0.65cvss 9.8epss 0.15

    A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store.…

  • CVE-2016-6397CriOct 28, 2016
    risk 0.64cvss 9.8epss 0.02

    A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to…

  • CVE-2016-6445CriOct 27, 2016
    risk 0.59cvss 9.1epss 0.03

    A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6 could allow an unauthenticated, remote attacker to masquerade as a legitimate user. This…

  • CVE-2016-5605CriOct 25, 2016
    risk 0.59cvss 9.1epss 0.02

    Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle Virtualization allows remote attackers to affect confidentiality and integrity via vectors related to VRDE.

  • CVE-2016-5599CriOct 25, 2016
    risk 0.59cvss 9.1epss 0.02

    Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12.2.3 through 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to MscObieeSrvlt.

  • CVE-2016-5582CriOct 25, 2016
    risk 0.63cvss 9.6epss 0.05

    Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5573.

  • CVE-2016-5580CriOct 25, 2016
    risk 0.63cvss 9.6epss 0.02

    Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.7 and 5.2 allows remote authenticated users to affect confidentiality and availability via vectors through Web Services.

  • CVE-2016-5568CriOct 25, 2016
    risk 0.63cvss 9.6epss 0.04

    Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.

  • CVE-2016-5556CriOct 25, 2016
    risk 0.63cvss 9.6epss 0.05

    Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.

  • CVE-2016-5555CriOct 25, 2016
    risk 0.59cvss 9.1epss 0.02

    Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2016-5535CriOct 25, 2016
    risk 0.64cvss 9.8epss 0.05

    Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2016-5531CriOct 25, 2016
    risk 0.64cvss 9.8epss 0.05

    Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS-WebServices.

  • CVE-2016-3551CriOct 25, 2016
    risk 0.64cvss 9.8epss 0.05

    Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXWS Web Services Stack.