The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
-
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
-
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
-
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| canonical -- ubuntu_core | The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory. | 2016-05-02 | 7.2 | CVE-2016-1575 CONFIRM MLIST MISC CONFIRM MISC |
| canonical -- ubuntu_core | The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program. | 2016-05-02 | 7.2 | CVE-2016-1576 MISC MISC CONFIRM MLIST MISC CONFIRM MISC |
| cisco -- telepresence_tc_software | The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935. | 2016-05-05 | 9.0 | CVE-2016-1387 CISCO |
| imagemagick -- imagemagick | The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick." | 2016-05-05 | 10.0 | CVE-2016-3714 CERT-VN CONFIRM CONFIRM CONFIRM MISC CONFIRM CONFIRM SECTRACK MLIST MLIST |
| imagemagick -- imagemagick | The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image. | 2016-05-05 | 7.1 | CVE-2016-3717 CONFIRM CONFIRM CONFIRM MLIST |
| linux -- linux_kernel | The redirect_target function in net/ipv4/netfilter/ipt_ |
2016-05-02 | 7.8 | CVE-2003-1604 CONFIRM MLIST MLIST |
| linux -- linux_kernel | The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netlink messages. | 2016-05-02 | 7.2 | CVE-2012-6689 CONFIRM CONFIRM MLIST CONFIRM MLIST MLIST CONFIRM |
| linux -- linux_kernel | Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. | 2016-05-02 | 7.2 | CVE-2012-6701 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for (1) sendto and (2) recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copy_from_iter function in the iov_iter interface, as demonstrated by the Bluetooth subsystem. | 2016-05-02 | 7.2 | CVE-2015-2686 CONFIRM CONFIRM MLIST CONFIRM MISC CONFIRM |
| linux -- linux_kernel | The skb_copy_and_csum_datagram_ |
2016-05-02 | 7.2 | CVE-2015-8019 CONFIRM MLIST MISC |
| linux -- linux_kernel | Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression. | 2016-05-02 | 7.2 | CVE-2015-8830 CONFIRM CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_ |
2016-05-02 | 7.1 | CVE-2016-2053 CONFIRM CONFIRM MLIST CONFIRM |
| linux -- linux_kernel | The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via crafted TCP traffic. | 2016-05-02 | 7.8 | CVE-2016-2070 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| mozilla -- firefox | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 2016-04-30 | 10.0 | CVE-2016-2804 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| mozilla -- firefox_esr | Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 2016-04-30 | 10.0 | CVE-2016-2805 CONFIRM CONFIRM |
| mozilla -- firefox | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 2016-04-30 | 10.0 | CVE-2016-2806 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| mozilla -- firefox | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 2016-04-30 | 10.0 | CVE-2016-2807 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| openssh -- openbsd | The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable. | 2016-04-30 | 7.2 | CVE-2015-8325 CONFIRM CONFIRM CONFIRM CONFIRM |
| openssl -- openssl | The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue. | 2016-05-04 | 10.0 | CVE-2016-2108 CONFIRM CONFIRM CONFIRM |
| openssl -- openssl | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding. | 2016-05-04 | 7.8 | CVE-2016-2109 CONFIRM CONFIRM |
Medium Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| apache -- subversion | The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string. | 2016-05-05 | 4.9 | CVE-2016-2167 SECTRACK DEBIAN CONFIRM MLIST MLIST |
| cisco -- information_server | The XML parser in Cisco Information Server (CIS) 6.2 allows remote attackers to read arbitrary files or cause a denial of service (CPU and memory consumption) via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCuy39059. | 2016-04-30 | 6.4 | CVE-2016-1343 CISCO |
| cisco -- prime_collaboration_assurance | Open redirect vulnerability in Cisco Prime Collaboration Assurance Software 10.5 through 11.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuu34121. | 2016-05-05 | 5.8 | CVE-2016-1392 CISCO |
| emc -- rsa_data_loss_prevention | Cross-site scripting (XSS) vulnerability in EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2016-05-03 | 4.3 | CVE-2016-0892 BUGTRAQ |
| emc -- rsa_data_loss_prevention | EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authenticated users to obtain sensitive information by reading error messages. | 2016-05-03 | 4.0 | CVE-2016-0893 BUGTRAQ |
| emc -- rsa_data_loss_prevention | EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authenticated users to bypass intended object access restrictions via a modified parameter. | 2016-05-03 | 6.5 | CVE-2016-0894 BUGTRAQ |
| emc -- rsa_data_loss_prevention | EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers to conduct clickjacking attacks via web-site elements with crafted transparency or opacity. | 2016-05-03 | 4.3 | CVE-2016-0895 BUGTRAQ |
| imagemagick -- imagemagick | The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. | 2016-05-05 | 5.8 | CVE-2016-3715 CONFIRM CONFIRM CONFIRM MLIST |
| linux -- linux_kernel | The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted access to a device file under the /dev/pts directory. | 2016-05-02 | 4.9 | CVE-2011-5321 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | The nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability. | 2016-05-02 | 4.9 | CVE-2015-1573 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | The xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the Linux kernel before 3.19.2 creates certain .altinstr_replacement pointers and consequently does not provide any protection against instruction faulting, which allows local users to cause a denial of service (panic) by triggering a fault, as demonstrated by an unaligned memory operand or a non-canonical address memory operand. | 2016-05-02 | 4.9 | CVE-2015-2672 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | The collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call. | 2016-05-02 | 4.9 | CVE-2015-4177 CONFIRM CONFIRM MLIST CONFIRM MLIST MLIST CONFIRM |
| linux -- linux_kernel | The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call, related to fs/fs_pin.c and include/linux/fs_pin.h. | 2016-05-02 | 4.9 | CVE-2015-4178 CONFIRM MLIST CONFIRM MLIST CONFIRM MLIST CONFIRM |
| linux -- linux_kernel | The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the ext4_fill_super function. | 2016-05-02 | 4.9 | CVE-2015-8324 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic. | 2016-05-02 | 5.0 | CVE-2015-8746 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | The atl2_probe function in drivers/net/ethernet/atheros/ |
2016-05-02 | 5.0 | CVE-2016-2117 CONFIRM CONFIRM MLIST CONFIRM |
| linux -- linux_kernel | The ati_remote2_probe function in drivers/input/misc/ati_ |
2016-05-02 | 4.9 | CVE-2016-2185 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM BUGTRAQ BUGTRAQ CONFIRM |
| linux -- linux_kernel | The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor. | 2016-05-02 | 4.9 | CVE-2016-2186 CONFIRM CONFIRM CONFIRM BUGTRAQ BUGTRAQ CONFIRM |
| linux -- linux_kernel | The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor. | 2016-05-02 | 4.9 | CVE-2016-2187 CONFIRM CONFIRM CONFIRM |
| linux -- linux_kernel | The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor. | 2016-05-02 | 4.9 | CVE-2016-2188 CONFIRM CONFIRM CONFIRM BUGTRAQ BUGTRAQ CONFIRM |
| linux -- linux_kernel | The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program. | 2016-05-02 | 4.4 | CVE-2016-2853 MLIST MLIST MISC |
| linux -- linux_kernel | The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory. | 2016-05-02 | 4.6 | CVE-2016-2854 MLIST MLIST MISC |
| linux -- linux_kernel | The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors. | 2016-05-02 | 4.9 | CVE-2016-3136 CONFIRM CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | drivers/usb/serial/cypress_m8. |
2016-05-02 | 4.9 | CVE-2016-3137 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor. | 2016-05-02 | 4.9 | CVE-2016-3138 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | The digi_port_init function in drivers/usb/serial/digi_ |
2016-05-02 | 4.9 | CVE-2016-3140 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface. | 2016-05-02 | 4.9 | CVE-2016-3689 CONFIRM CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor. | 2016-05-02 | 4.9 | CVE-2016-3951 MLIST CONFIRM CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| lockon -- ec_cube | The login page in the management screen in LOCKON EC-CUBE 3.0.0 through 3.0.9 allows remote attackers to bypass intended IP address restrictions via unspecified vectors, a different vulnerability than CVE-2016-1200. | 2016-04-30 | 5.0 | CVE-2016-1199 CONFIRM CONFIRM JVNDB JVN |
| lockon -- ec_cube | The management screen in LOCKON EC-CUBE 3.0.7 through 3.0.9 allows remote authenticated users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2016-1199. | 2016-04-30 | 6.5 | CVE-2016-1200 CONFIRM CONFIRM JVNDB JVN |
| lockon -- ec_cube | Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 3.0.0 through 3.0.9 allows remote attackers to hijack the authentication of administrators. | 2016-04-30 | 6.8 | CVE-2016-1201 CONFIRM CONFIRM JVNDB JVN |
| mozilla -- firefox | The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write access, and application crash) via a crafted web site. | 2016-04-30 | 5.1 | CVE-2016-2808 CONFIRM CONFIRM |
| mozilla -- firefox | The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assisted remote attackers to delete arbitrary files by leveraging certain local file execution. | 2016-04-30 | 5.8 | CVE-2016-2809 CONFIRM CONFIRM |
| mozilla -- firefox | Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to bypass intended Signature access requirements via a crafted application that leverages content-provider permissions, as demonstrated by reading the browser history or a saved password. | 2016-04-30 | 4.3 | CVE-2016-2810 CONFIRM CONFIRM |
| mozilla -- firefox | Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the BeginReading method. | 2016-04-30 | 6.8 | CVE-2016-2811 CONFIRM CONFIRM |
| mozilla -- firefox | Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted web site. | 2016-04-30 | 5.1 | CVE-2016-2812 CONFIRM CONFIRM |
| mozilla -- firefox | Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780. | 2016-04-30 | 4.3 | CVE-2016-2813 CONFIRM CONFIRM MISC |
| mozilla -- firefox | Heap-based buffer overflow in the stagefright::SampleTable:: |
2016-04-30 | 6.8 | CVE-2016-2814 CONFIRM CONFIRM |
| mozilla -- firefox | Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via the multipart/x-mixed-replace content type. | 2016-04-30 | 4.3 | CVE-2016-2816 CONFIRM CONFIRM |
| mozilla -- firefox | The WebExtension sandbox feature in browser/components/extensions/ |
2016-04-30 | 4.3 | CVE-2016-2817 CONFIRM CONFIRM |
| mozilla -- firefox | The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by leveraging access to the remote-report IFRAME element. | 2016-04-30 | 4.3 | CVE-2016-2820 CONFIRM CONFIRM |
| openssl -- openssl | crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging improper RSA key generation on 64-bit HP-UX platforms. | 2016-05-04 | 5.0 | CVE-2000-1254 CONFIRM MLIST MLIST |
| openssl -- openssl | Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data. | 2016-05-04 | 5.0 | CVE-2016-2105 CONFIRM CONFIRM |
| openssl -- openssl | Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data. | 2016-05-04 | 5.0 | CVE-2016-2106 CONFIRM CONFIRM |
| openssl -- openssl | The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data. | 2016-05-04 | 6.4 | CVE-2016-2176 CONFIRM CONFIRM |
| wireshark -- wireshark | wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 2.x before 2.0.2 incorrectly increases a certain octet count, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted file. | 2016-04-30 | 4.3 | CVE-2016-4415 CONFIRM MISC CONFIRM |
| wireshark -- wireshark | epan/dissectors/packet- |
2016-04-30 | 4.3 | CVE-2016-4416 CONFIRM CONFIRM |
| wireshark -- wireshark | Off-by-one error in epan/dissectors/packet-gsm_ |
2016-04-30 | 4.3 | CVE-2016-4417 CONFIRM CONFIRM |
| wireshark -- wireshark | epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet that triggers an empty set. | 2016-04-30 | 4.3 | CVE-2016-4418 CONFIRM CONFIRM |
| wireshark -- wireshark | epan/dissectors/packet-spice.c in the SPICE dissector in Wireshark 2.x before 2.0.2 mishandles capability data, which allows remote attackers to cause a denial of service (large loop) via a crafted packet. | 2016-04-30 | 4.3 | CVE-2016-4419 CONFIRM CONFIRM |
| wireshark -- wireshark | The NFS dissector in Wireshark 2.x before 2.0.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 2016-04-30 | 4.3 | CVE-2016-4420 CONFIRM |
| wireshark -- wireshark | epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (deep recursion, stack consumption, and application crash) via a packet that specifies deeply nested data. | 2016-04-30 | 4.3 | CVE-2016-4421 CONFIRM CONFIRM |
Low Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| linux -- linux_kernel | mm/filemap.c in the Linux kernel before 2.6.25 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers an iovec of zero length, followed by a page fault for an iovec of nonzero length. | 2016-05-02 | 2.1 | CVE-2008-7316 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneath a mount by calling umount2 within a user namespace. | 2016-05-02 | 3.6 | CVE-2014-9717 MLIST CONFIRM CONFIRM MLIST MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program. | 2016-05-02 | 2.1 | CVE-2015-1350 CONFIRM MISC MLIST MLIST |
| linux -- linux_kernel | fs/namespace.c in the Linux kernel before 4.0.2 does not properly support mount connectivity, which allows local users to read arbitrary files by leveraging user-namespace root access for deletion of a file or directory. | 2016-05-02 | 2.1 | CVE-2015-4176 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
| linux -- linux_kernel | Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service (disk corruption) by writing to a page that is associated with a different user's file after unsynchronized hole punching and page-fault handling. | 2016-05-02 | 1.9 | CVE-2015-8839 CONFIRM CONFIRM MLIST CONFIRM |
| openssl -- openssl | The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session, NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169. | 2016-05-04 | 2.6 | CVE-2016-2107 CONFIRM CONFIRM |
Severity Not Yet Assigned
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| accellion -- file_transfer_appliance | Multiple cross-site scripting (XSS) vulnerabilities on the Accellion File Transfer Appliance (FTA) |
-기사원문확인하기: [US-CERT: Bulletin(SB16-130)] 2016년 5월 2일까지 발표된 보안 취약점
