VYPR

CVEs

  • CVE-2016-5828 · High · Jun 27, 2016
    risk 0.51 · cvss 7.8 · epss 0.00

    The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly…

  • CVE-2016-5244 · High · Jun 27, 2016
    risk 0.49 · cvss 7.5 · epss 0.06

    The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

  • CVE-2016-4440 · High · Jun 27, 2016
    risk 0.51 · cvss 7.8 · epss 0.00

    arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via…

  • CVE-2016-3949 · High · Jun 27, 2016
    risk 0.49 · cvss 7.5 · epss 0.04

    Siemens SIMATIC S7-300 Profinet-enabled CPU devices with firmware before 3.2.12 and SIMATIC S7-300 Profinet-disabled CPU devices with firmware before 3.3.12 allow remote attackers to cause a denial of service (defect-mode transition) via crafted (1) ISO-TSAP or (2) Profibus…

  • CVE-2016-3713 · High · Jun 27, 2016
    risk 0.46 · cvss 7.1 · epss 0.00

    The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash),…

  • CVE-2016-3707 · High · Jun 27, 2016
    risk 0.53 · cvss 8.1 · epss 0.03

    The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands…

  • CVE-2016-1583 · High · Jun 27, 2016
    risk 0.47 · cvss 7.8 · epss 0.01

    The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive…

  • CVE-2016-0758 · High · Jun 27, 2016
    risk 0.44 · cvss 7.8 · epss 0.00

    Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.

  • CVE-2014-9904 · High · Jun 27, 2016
    risk 0.44 · cvss 7.8 · epss 0.00

    The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have…

  • CVE-2016-0301 · High · Jun 26, 2016
    risk 0.51 · cvss 7.8 · epss 0.03

    Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0279.

  • CVE-2016-0279 · High · Jun 26, 2016
    risk 0.51 · cvss 7.8 · epss 0.03

    Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0301.

  • CVE-2016-0278 · High · Jun 26, 2016
    risk 0.51 · cvss 7.8 · epss 0.03

    Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0279, and CVE-2016-0301.

  • CVE-2016-0277 · High · Jun 26, 2016
    risk 0.51 · cvss 7.8 · epss 0.03

    Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0278, CVE-2016-0279, and CVE-2016-0301.

  • CVE-2016-2901 · High · Jun 26, 2016
    risk 0.57 · cvss 8.8 · epss 0.01

    Cross-site request forgery (CSRF) vulnerability in the PA_Theme_Creator application in IBM WebSphere Portal 8.5 CF08 through CF10 and Web Content Manager allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

  • CVE-2016-4823 · High · Jun 25, 2016
    risk 0.49 · cvss 7.5 · epss 0.02

    Corega CG-WLBARAGM devices allow remote attackers to cause a denial of service (reboot) via unspecified vectors.

  • CVE-2016-4822 · High · Jun 25, 2016
    risk 0.52 · cvss 8.0 · epss 0.01

    Corega CG-WLBARGL devices allow remote authenticated users to execute arbitrary commands via unspecified vectors.

  • CVE-2016-1193 · High · Jun 25, 2016
    risk 0.49 · cvss 7.5 · epss 0.02

    Cybozu Garoon 3.7 through 4.2 allows remote attackers to obtain sensitive email-reading information via unspecified vectors.

  • CVE-2016-1189 · High · Jun 25, 2016
    risk 0.53 · cvss 8.1 · epss 0.01

    Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended restrictions on reading, creating, or modifying a portlet via unspecified vectors.

  • CVE-2016-5723 · High · Jun 24, 2016
    risk 0.51 · cvss 7.8 · epss 0.00

    Huawei FusionInsight HD before V100R002C60SPC200 allows local users to gain root privileges via unspecified vectors.

  • CVE-2016-5722 · High · Jun 24, 2016
    risk 0.48 · cvss 7.3 · epss 0.01

    Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct replay attacks and obtain sensitive information by sniffing the network.

  • CVE-2016-4802 · High · Jun 24, 2016
    risk 0.51 · cvss 7.8 · epss 0.01

    Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) security.dll, (2) secur32.dll, or (3) ws2_32.dll in…

  • CVE-2016-1438 · High · Jun 23, 2016
    risk 0.49 · cvss 7.5 · epss 0.01

    Cisco AsyncOS 9.7.0-125 on Email Security Appliance (ESA) devices allows remote attackers to bypass intended spam filtering via crafted executable content in a ZIP archive, aka Bug ID CSCuy39210.

  • CVE-2016-1436 · High · Jun 23, 2016
    risk 0.49 · cvss 7.5 · epss 0.02

    The General Packet Radio Switching Tunneling Protocol 1 (aka GTPv1) implementation on Cisco ASR 5000 Packet Data Network Gateway devices before 19.4 allows remote attackers to cause a denial of service (Session Manager process restart) via a crafted GTPv1 packet, aka Bug ID…

  • CVE-2016-1435 · High · Jun 23, 2016
    risk 0.46 · cvss 7.0 · epss 0.00

    Cisco 8800 phones with software 11.0(1) do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leveraging shell access, aka Bug ID CSCuz03014.

  • CVE-2015-6289 · High · Jun 23, 2016
    risk 0.49 · cvss 7.5 · epss 0.04

    Cisco IOS 15.5(3)M on Integrated Services Router (ISR) 800, 819, and 829 devices allows remote attackers to cause a denial of service (memory consumption) via crafted TCP packets on the SSH port, aka Bug ID CSCuu13476.

  • CVE-2016-2364 · High · Jun 20, 2016
    risk 0.49 · cvss 7.5 · epss 0.02

    The Chrome HUDweb plugin before 2016-05-05 for Fonality (previously trixbox Pro) 12.6 through 14.1i uses the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge…

  • CVE-2016-2363 · High · Jun 20, 2016
    risk 0.51 · cvss 7.8 · epss 0.01

    Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 uses weak permissions for the /var/www/rpc/surun script, which allows local users to obtain root access for unspecified command execution by leveraging access to the nobody account.

  • CVE-2015-8289 · High · Jun 20, 2016
    risk 0.49 · cvss 7.5 · epss 0.02

    The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code.

  • CVE-2016-4514 · High · Jun 19, 2016
    risk 0.50 · cvss 7.7 · epss 0.01

    Moxa PT-7728 devices with software 3.4 build 15081113 allow remote authenticated users to change the configuration via vectors involving a local proxy.

  • CVE-2016-1861 · High · Jun 19, 2016
    risk 0.54 · cvss 7.8 · epss 0.04

    The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1846.

  • CVE-2016-0911 · High · Jun 19, 2016
    risk 0.53 · cvss 8.2 · epss 0.01

    EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 has a default no_root_squash option for NFS exports, which makes it easier for remote attackers to obtain filesystem access by leveraging client root privileges.

  • CVE-2016-0392 · High · Jun 19, 2016
    risk 0.55 · cvss 8.4 · epss 0.01

    IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a…

  • CVE-2016-1195 · High · Jun 19, 2016
    risk 0.48 · cvss 7.4 · epss 0.02

    Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

  • CVE-2016-4820 · High · Jun 19, 2016
    risk 0.57 · cvss 8.8 · epss 0.01

    Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE ETX-R devices allows remote attackers to hijack the authentication of arbitrary users.

  • CVE-2016-4817 · High · Jun 19, 2016
    risk 0.49 · cvss 7.5 · epss 0.04

    lib/http2/connection.c in H2O before 1.7.3 and 2.x before 2.0.0-beta5 mishandles HTTP/2 disconnection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted packet.

  • CVE-2016-4815 · High · Jun 19, 2016
    risk 0.49 · cvss 7.5 · epss 0.02

    Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors.

  • CVE-2016-4814 · High · Jun 19, 2016
    risk 0.49 · cvss 7.5 · epss 0.02

    Directory traversal vulnerability in kml2jsonp.php in Geospatial Information Authority of Japan (aka GSI) Old_GSI_Maps before January 2015 on Windows allows remote attackers to read arbitrary files via unspecified vectors.

  • CVE-2016-4813 · High · Jun 19, 2016
    risk 0.57 · cvss 8.8 · epss 0.02

    NetCommons 2.4.2.1 and earlier allows remote authenticated secretariat (aka CLERK) users to gain privileges by creating a SYSTEM_ADMIN account.

  • CVE-2016-4371 · High · Jun 19, 2016
    risk 0.52 · cvss 8.0 · epss 0.01

    HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client,…

  • CVE-2016-1427 · High · Jun 18, 2016
    risk 0.49 · cvss 7.5 · epss 0.02

    The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694.

  • CVE-2016-5363 · High · Jun 17, 2016
    risk 0.47 · cvss 8.2 · epss 0.03

    The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via (1) a crafted DHCP discovery message or (2)…

  • CVE-2016-5362 · High · Jun 17, 2016
    risk 0.54 · cvss 8.2 · epss 0.03

    The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message.

  • CVE-2016-3643 · High · KEV · Jun 17, 2016
    risk 0.66 · cvss 7.8 · epss 0.04

    SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."

  • CVE-2016-5300 · High · Jun 16, 2016
    risk 0.49 · cvss 7.5 · epss 0.07

    The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for…

  • CVE-2016-3062 · High · Jun 16, 2016
    risk 0.58 · cvss 8.8 · epss 0.04

    The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.

  • CVE-2016-2538 · High · Jun 16, 2016
    risk 0.46 · cvss 7.1 · epss 0.00

    Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS control message packet that…

  • CVE-2016-5361 · High · Jun 16, 2016
    risk 0.49 · cvss 7.5 · epss 0.03

    programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed UDP packet. NOTE: the original behavior complies with the IKEv1 protocol, but has a required…

  • CVE-2016-4166 · High · Jun 16, 2016
    risk 0.58 · cvss 8.8 · epss 0.04

    Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

  • CVE-2016-4158 · High · Jun 16, 2016
    risk 0.48 · cvss 7.3 · epss 0.03

    Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.

  • CVE-2016-4157 · High · Jun 16, 2016
    risk 0.48 · cvss 7.3 · epss 0.01

    Untrusted search path vulnerability in the installer in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse resource in an unspecified directory.