본문 바로가기
IT 와 Social 이야기

[US-CERT: Bulletin(SB16-186)] 2016년 6월 27일까지 발표된 보안 취약점

by manga0713 2016. 7. 5.

 

 

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
apple -- mdnsresponder The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. 2016-06-25 7.5 CVE-2015-7988
CERT-VN
CONFIRM(link is external)
corega -- cg-wlbaragm_firmware Corega CG-WLBARAGM devices allow remote attackers to cause a denial of service (reboot) via unspecified vectors. 2016-06-25 7.8 CVE-2016-4823
JVNDB(link is external)
JVN(link is external)
CONFIRM(link is external)
f5 -- big-ip_access_policy_manager F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script. 2016-06-30 9.0 CVE-2016-5020
CONFIRM(link is external)
SECTRACK(link is external)
huawei -- mate_8_firmware Buffer overflow in Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (system crash) via a crafted app. 2016-06-30 7.1 CVE-2016-5232
CONFIRM(link is external)
huawei -- ar3200_firmware Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted Multiprotocol Label Switching (MPLS) packets. 2016-06-30 7.8 CVE-2016-5368
CONFIRM(link is external)
huawei -- huawei_firmware Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby networking where two devices are not directly connected, allows remote attackers to cause a denial of service (memory consumption and reboot) via a crafted packet. 2016-06-24 7.1 CVE-2016-5435
CONFIRM(link is external)
huawei -- ocean_stor_firmware OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct replay attacks and obtain sensitive information by sniffing the network. 2016-06-24 7.5 CVE-2016-5722
CONFIRM(link is external)
huawei -- fusioninsight_hd Huawei FusionInsight HD before V100R002C60SPC200 allows local users to gain root privileges via unspecified vectors. 2016-06-24 7.2 CVE-2016-5723
CONFIRM(link is external)
ibm -- marketing_platform SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. 2016-06-27 7.5 CVE-2016-0224
CONFIRM(link is external)
ibm -- general_parallel_file_system_storage_server IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command. 2016-06-28 7.2 CVE-2016-0263
CONFIRM(link is external)
ibm -- messagesight JMS Client in IBM MessageSight 1.1.x through 1.1.0.1, 1.2.x through 1.2.0.3, and 2.0.x through 2.0.0.0 allows remote authenticated users to obtain administrator privileges for executing arbitrary commands via unspecified vectors. 2016-06-30 9.0 CVE-2016-0375
CONFIRM(link is external)
lenovo -- solution_center Lenovo Solution Center (LSC) before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a named pipe created in advance and crafted .NET assembly. 2016-06-30 7.2 CVE-2016-5249
MISC(link is external)
CONFIRM(link is external)
linux -- linux_kernel Integer overflow in the snd_compr_allocate_buffer function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call. 2016-06-29 7.2 CVE-2012-6703
CONFIRM
CONFIRM(link is external)
CONFIRM(link is external)
MLIST(link is external)
CONFIRM
linux -- linux_kernel The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call. 2016-06-27 7.2 CVE-2014-9904
CONFIRM(link is external)
CONFIRM
linux -- linux_kernel Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data. 2016-06-27 7.2 CVE-2016-0758
CONFIRM(link is external)
CONFIRM(link is external)
MLIST(link is external)
CONFIRM
linux -- linux_kernel The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. 2016-06-27 7.2 CVE-2016-1583
CONFIRM
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
MISC
MLIST(link is external)
MLIST(link is external)
CONFIRM
CONFIRM
linux -- linux_kernel arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode. 2016-06-27 7.2 CVE-2016-4440
CONFIRM(link is external)
CONFIRM(link is external)
MLIST(link is external)
CONFIRM
linux -- linux_kernel The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call. 2016-06-27 7.2 CVE-2016-5828
MISC
MLIST(link is external)
linux -- linux_kernel Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call. 2016-06-27 7.2 CVE-2016-5829
CONFIRM(link is external)
MLIST(link is external)
CONFIRM
opera -- opera_mail Unspecified vulnerability in Opera Mail before 2016-02-16 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted e-mail message. 2016-06-29 9.3 CVE-2016-5101
CONFIRM(link is external)
siemens -- simatic_s7-300_with_profitnet_support_firmware Siemens SIMATIC S7-300 Profinet-enabled CPU devices with firmware before 3.2.12 and SIMATIC S7-300 Profinet-disabled CPU devices with firmware before 3.3.12 allow remote attackers to cause a denial of service (defect-mode transition) via crafted (1) ISO-TSAP or (2) Profibus packets. 2016-06-27 7.8 CVE-2016-3949
CONFIRM(link is external)
symphony-cms -- symphony_cms Session fixation vulnerability in Symphony CMS 2.6.7, when session.use_only_cookies is disabled, allows remote attackers to hijack web sessions via the PHPSESSID parameter. 2016-06-30 7.6 CVE-2016-4309
EXPLOIT-DB(link is external)
CONFIRM(link is external)
BUGTRAQ(link is external)
MISC(link is external)
MISC
trend_micro -- deep_discovery_inspector hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via a crafted string. 2016-06-30 9.0 CVE-2016-5840
MISC(link is external)
CONFIRM(link is external)
unitronics -- visilogic_oplc_ide Stack-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.30 allows remote attackers to execute arbitrary code via a crafted filename field in a ZIP archive in a vlp file. 2016-06-24 7.5 CVE-2016-4519
MISC
MISC(link is external)
Back to top

Medium Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
advantech -- webaccess Buffer overflow in Advantech WebAccess before 8.1_20160519 allows local users to cause a denial of service via a crafted DLL file. 2016-06-24 4.3 CVE-2016-4528
MISC
apple -- mdnsresponder Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function. 2016-06-25 6.8 CVE-2015-7987
CERT-VN
CONFIRM(link is external)
arvidn -- libtorrent The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast. 2016-06-30 5.0 CVE-2016-5301
CONFIRM(link is external)
CONFIRM(link is external)
MLIST(link is external)
MLIST(link is external)
SUSE
bzip -- bzip2 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block. 2016-06-30 4.3 CVE-2016-3189
CONFIRM(link is external)
SECTRACK(link is external)
MLIST(link is external)
ca -- release_automation Multiple cross-site scripting (XSS) vulnerabilities in CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2016-06-28 4.3 CVE-2015-8699
CONFIRM(link is external)
corega -- cg-wlbargnl_firmware Corega CG-WLBARGL devices allow remote authenticated users to execute arbitrary commands via unspecified vectors. 2016-06-25 5.2 CVE-2016-4822
JVNDB(link is external)
JVN(link is external)
CONFIRM(link is external)
corega -- cg-wlr300gnv-w_firmware The Wi-Fi Protected Setup (WPS) implementation on Corega CG-WLR300GNV and CG-WLR300GNV-W devices does not restrict the number of PIN authentication attempts, which makes it easier for remote attackers to obtain network access via a brute-force attack. 2016-06-25 5.0 CVE-2016-4824
JVNDB(link is external)
JVN(link is external)
CONFIRM(link is external)
cybozu -- garoon Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to send spoofed e-mail messages via unspecified vectors. 2016-06-25 4.0 CVE-2016-1188
CONFIRM(link is external)
CONFIRM(link is external)
JVNDB(link is external)
JVN(link is external)
cybozu -- garoon Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended restrictions on reading, creating, or modifying a portlet via unspecified vectors. 2016-06-25 5.5 CVE-2016-1189
CONFIRM(link is external)
CONFIRM(link is external)
JVNDB(link is external)
JVN(link is external)
cybozu -- garoon Cybozu Garoon 3.1 through 4.2 allows remote authenticated users to bypass intended restrictions on MultiReport reading via unspecified vectors. 2016-06-25 4.0 CVE-2016-1190
CONFIRM(link is external)
CONFIRM(link is external)
JVNDB(link is external)
JVN(link is external)
cybozu -- garoon Cybozu Garoon 3.7 through 4.2 allows remote attackers to obtain sensitive email-reading information via unspecified vectors. 2016-06-25 5.0 CVE-2016-1193
CONFIRM(link is external)
JVNDB(link is external)
JVN(link is external)
dotcms -- dotcms CRLF injection vulnerability in the send email functionality in dotCMS before 3.3.2 allows remote attackers to inject arbitrary email headers via CRLF sequences in the subject. 2016-06-30 5.0 CVE-2016-4803
MISC(link is external)
CONFIRM(link is external)
FULLDISC
f5 -- big-ip_access_policy_manager The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 allows remote authenticated administrators to obtain sensitive information via unspecified vectors. 2016-06-24 4.0 CVE-2016-5021
CONFIRM(link is external)
gnu_wget_project -- gnu_wget GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. 2016-06-30 4.3 CVE-2016-4971
CONFIRM(link is external)
UBUNTU(link is external)
MLIST
CONFIRM
haproxy -- haproxy HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impact via unknown vectors. 2016-06-30 5.0 CVE-2016-5360
UBUNTU(link is external)
MLIST(link is external)
MLIST(link is external)
CONFIRM
haxx -- curl Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) security.dll, (2) secur32.dll, or (3) ws2_32.dll in the application or current working directory. 2016-06-24 6.9 CVE-2016-4802
CONFIRM(link is external)
SECTRACK(link is external)
huawei -- mate_8_firmware Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and control partial module functions via a crafted app. 2016-06-30 6.8 CVE-2016-5230
CONFIRM(link is external)
huawei -- mate_8_firmware Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and delete user data via a crafted app. 2016-06-30 5.0 CVE-2016-5231
CONFIRM(link is external)
ibm -- marketing_platform Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8.6.x and 9.x before 9.1.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. 2016-06-27 4.3 CVE-2016-0229
CONFIRM(link is external)
ibm -- marketing_platform SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. 2016-06-27 6.5 CVE-2016-0233
CONFIRM(link is external)
ibm -- websphere_mq Memory leak in queue-manager agents in IBM WebSphere MQ 8.x before 8.0.0.5 allows remote attackers to cause a denial of service (heap memory consumption) by triggering many errors. 2016-06-28 5.0 CVE-2016-0260
CONFIRM(link is external)
ibm -- urbancode_deploy IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 allows remote authenticated users to obtain sensitive cleartext secure-property information via (1) the server UI or (2) a database request. 2016-06-28 4.0 CVE-2016-0267
CONFIRM(link is external)
ibm -- domino Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0278, CVE-2016-0279, and CVE-2016-0301. 2016-06-26 6.8 CVE-2016-0277
CONFIRM(link is external)
ibm -- domino Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0279, and CVE-2016-0301. 2016-06-26 6.8 CVE-2016-0278
CONFIRM(link is external)
ibm -- domino Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0301. 2016-06-26 6.8 CVE-2016-0279
CONFIRM(link is external)
ibm -- security_guardium Directory traversal vulnerability in IBM Security Guardium Database Activity Monitor 10 before 10.0p100 allows remote authenticated users to read arbitrary files via a crafted URL. 2016-06-28 4.0 CVE-2016-0298
CONFIRM(link is external)
ibm -- domino Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0279. 2016-06-26 6.8 CVE-2016-0301
CONFIRM(link is external)
ibm -- domino The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, aka SPR KLYHA7MM3J. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0920. 2016-06-28 6.8 CVE-2016-0304
CONFIRM(link is external)
ibm -- business_process_manager IBM Business Process Manager 8.5.6 through 8.5.6.2 and 8.5.7 before 8.5.7.CF201606 allows remote authenticated users to bypass intended access restrictions and update process-instance variables via a REST API call. 2016-06-29 4.0 CVE-2016-0349
CONFIRM(link is external)
AIXAPAR(link is external)
ibm -- tririga_application_platform IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet or Internet hosts, via a crafted proxy request to a web service. 2016-06-30 4.0 CVE-2016-0362
CONFIRM(link is external)
ibm -- urbancode_deploy IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 does not properly implement a logging-obfuscation feature for secure properties, which allows remote authenticated users to obtain sensitive information via vectors involving special characters. 2016-06-30 4.0 CVE-2016-0364
CONFIRM(link is external)
ibm -- urbancode_deploy IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1, when agent-relay Codestation artifact caching is enabled, allows remote attackers to bypass authentication and obtain sensitive artifact information via unspecified vectors. 2016-06-30 4.3 CVE-2016-0365
CONFIRM(link is external)
ibm -- tririga_application_platform The builder tools in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allow remote authenticated users to gain privileges for application modification via unspecified vectors. 2016-06-30 6.5 CVE-2016-0374
CONFIRM(link is external)
ibm -- web_content_manager Cross-site request forgery (CSRF) vulnerability in the PA_Theme_Creator application in IBM WebSphere Portal 8.5 CF08 through CF10 and Web Content Manager allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. 2016-06-25 6.8 CVE-2016-2901
CONFIRM(link is external)
AIXAPAR(link is external)
libexpat -- expat The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716. 2016-06-30 6.8 CVE-2016-4472
CONFIRM(link is external)
CONFIRM(link is external)
UBUNTU(link is external)
linux -- linux_kernel nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c. 2016-06-29 4.9 CVE-2016-1237
CONFIRM(link is external)
CONFIRM(link is external)
MLIST(link is external)
CONFIRM
linux -- linux_kernel-rt The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file. 2016-06-27 6.8 CVE-2016-3707
CONFIRM(link is external)
MLIST(link is external)
linux -- linux_kernel The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call. 2016-06-27 5.6 CVE-2016-3713
CONFIRM(link is external)
CONFIRM(link is external)
MLIST(link is external)
CONFIRM
CONFIRM
linux -- linux_kernel The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command. 2016-06-27 4.9 CVE-2016-4470
CONFIRM(link is external)
CONFIRM(link is external)
MLIST(link is external)
CONFIRM
linux -- linux_kernel The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message. 2016-06-27 5.0 CVE-2016-5244
CONFIRM
CONFIRM(link is external)
CONFIRM(link is external)
MLIST(link is external)
CONFIRM
linux -- linux_kernel Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and system crash) by changing a certain header, aka a "double fetch" vulnerability. 2016-06-27 5.6 CVE-2016-5728
CONFIRM(link is external)
CONFIRM
CONFIRM
CONFIRM
schneider-electric -- powerlogic_pm8ecc_firmware Cross-site scripting (XSS) vulnerability in the Schneider Electric PowerLogic PM8ECC module before 2.651 for PowerMeter 800 devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2016-06-25 4.3 CVE-2016-4513
MISC
symantec -- endpoint_protection_manager Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request. 2016-06-30 4.0 CVE-2016-3647
CONFIRM(link is external)
BID(link is external)
symantec -- endpoint_protection_manager Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to bypass the Authentication Lock protection mechanism, and conduct brute-force password-guessing attacks against management-console accounts, by entering data into the authorization window. 2016-06-30 4.0 CVE-2016-3648
CONFIRM(link is external)
BID(link is external)
symantec -- endpoint_protection_manager Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated administrators to enumerate administrator accounts via modified GET requests. 2016-06-30 4.0 CVE-2016-3649
CONFIRM(link is external)
BID(link is external)
symantec -- endpoint_protection_manager Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover credentials via a brute-force attack. 2016-06-30 4.0 CVE-2016-3650
CONFIRM(link is external)
BID(link is external)
symantec -- endpoint_protection_manager Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors. 2016-06-30 6.0 CVE-2016-3651
CONFIRM(link is external)
BID(link is external)
symantec -- endpoint_protection_manager Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users. 2016-06-30 6.0 CVE-2016-3653
CONFIRM(link is external)
BID(link is external)
symantec -- endpoint_protection_manager Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. 2016-06-30 4.9 CVE-2016-5304
CONFIRM(link is external)
BID(link is external)
symantec -- endpoint_protection_manager Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for unintended HTTP traffic on port 8445. 2016-06-30 5.0 CVE-2016-5306
CONFIRM(link is external)
BID(link is external)
symantec -- endpoint_protection_manager Directory traversal vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to read arbitrary files in the web-root directory tree via unspecified vectors. 2016-06-30 4.0 CVE-2016-5307
CONFIRM(link is external)
BID(link is external)
thekelleys -- dnsmasq Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally. 2016-06-30 5.0 CVE-2015-8899
UBUNTU(link is external)
SECTRACK(link is external)
MLIST(link is external)
MLIST(link is external)
CONFIRM
MLIST
MLIST
welcart -- e-commerce The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized data. 2016-06-25 6.8 CVE-2016-4825
CONFIRM(link is external)
JVNDB(link is external)
JVN(link is external)
welcart -- e-commerce Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4827. 2016-06-25 4.3 CVE-2016-4826
CONFIRM(link is external)
JVNDB(link is external)
JVN(link is external)
welcart -- e-commerce Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4826. 2016-06-25 4.3 CVE-2016-4827
CONFIRM(link is external)
JVNDB(link is external)
JVN(link is external)
welcart -- e-commerce The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress mishandles sessions, which allows remote attackers to obtain access by leveraging knowledge of the e-mail address associated with an account. 2016-06-25 6.4 CVE-2016-4828
CONFIRM(link is external)
JVNDB(link is external)
JVN(link is external)
wordpress -- wordpress The customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection restrictions via unspecified vectors. 2016-06-29 5.0 CVE-2016-5832
CONFIRM
CONFIRM
wordpress -- wordpress Cross-site scripting (XSS) vulnerability in the column_title function in wp-admin/includes/class-wp-media-list-table.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5834. 2016-06-29 4.3 CVE-2016-5833
CONFIRM
CONFIRM(link is external)
CONFIRM
wordpress -- wordpress Cross-site scripting (XSS) vulnerability in the wp_get_attachment_link function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5833. 2016-06-29 4.3 CVE-2016-5834
CONFIRM
CONFIRM(link is external)
CONFIRM
wordpress -- wordpress WordPress before 4.5.3 allows remote attackers to obtain sensitive revision-history information by leveraging the ability to read a post, related to wp-admin/includes/ajax-actions.php and wp-admin/revision.php. 2016-06-29 5.0 CVE-2016-5835
CONFIRM
CONFIRM(link is external)
CONFIRM
wordpress -- wordpress The oEmbed protocol implementation in WordPress before 4.5.3 allows remote attackers to cause a denial of service via unspecified vectors. 2016-06-29 5.0 CVE-2016-5836
CONFIRM
CONFIRM
wordpress -- wordpress WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors. 2016-06-29 5.0 CVE-2016-5837
CONFIRM
CONFIRM
wordpress -- wordpress WordPress before 4.5.3 allows remote attackers to bypass intended password-change restrictions by leveraging knowledge of a cookie. 2016-06-29 5.0 CVE-2016-5838
CONFIRM
CONFIRM
wordpress -- wordpress WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors. 2016-06-29 5.0 CVE-2016-5839
CONFIRM
CONFIRM
Back to top

Low Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
advantech -- webaccess Unspecified ActiveX controls in Advantech WebAccess before 8.1_20160519 allow remote authenticated users to obtain sensitive information or modify data via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag. 2016-06-24 3.3 CVE-2016-4525
MISC
alertus -- alertus_desktop_notification_for_os_x Alertus Desktop Notification before 2.9.31.1710 on OS X uses weak permissions for configuration files and unspecified other files, which allows local users to suppress emergency notifications or change content via standard filesystem operations. 2016-06-25 3.6 CVE-2016-5087
CONFIRM
CERT-VN
ca -- release_automation CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allows remote attackers to read arbitrary files or cause a denial of service via a request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. 2016-06-28 3.6 CVE-2015-8698
CONFIRM(link is external)
ibm -- websphere_mq runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue-manager command access restrictions by leveraging authority for +connect and +dsp. 2016-06-26 2.1 CVE-2015-7473
CONFIRM(link is external)
ibm -- websphere_mq runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp authority requirement and obtain sensitive information via unspecified display commands. 2016-06-26 2.1 CVE-2016-0259
CONFIRM(link is external)
ibm -- connections Cross-site scripting (XSS) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, 5.0 through CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML by uploading an HTML document. 2016-06-29 3.5 CVE-2016-0322
CONFIRM(link is external)
AIXAPAR(link is external)
lenovo -- solution_center The StopProxy command in LSC.Services.SystemService in Lenovo Solution Center before 3.3.003 allows local users to terminate arbitrary process via the PID argument. 2016-06-30 2.1 CVE-2016-5248
MISC(link is external)
CONFIRM(link is external)
linux -- linux_kernel The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memory via a crafted sched_getattr system call. 2016-06-27 2.1 CVE-2014-9903
CONFIRM(link is external)
CONFIRM
linux -- linux_kernel The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message. 2016-06-27 2.1 CVE-2016-5243
CONFIRM
CONFIRM(link is external)
CONFIRM(link is external)
MLIST(link is external)
CONFIRM
solarwinds -- virtualization_manager SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack. 2016-06-24 1.9 CVE-2016-5709
FULLDISC
symantec -- endpoint_protection_manager Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device. 2016-06-30 3.3 CVE-2015-8801
CONFIRM(link is external)
BID(link is external)
symantec -- endpoint_protection_manager Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. 2016-06-30 3.5 CVE-2016-3652
CONFIRM(link is external)
BID(link is external)
symantec -- endpoint_protection_manager Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via a "DOM link manipulation" attack. 2016-06-30 3.5 CVE-2016-5305
CONFIRM(link is external)
BID(link is external)
Back to top

Severity Not Yet Assigned

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
apple -- airport_base_station_firmware Apple AirPort Base Station Firmware before 7.6.7 and 7.7.x before 7.7.7 misparses DNS data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 2016-07-02 not yet calculated CVE-2015-7029
CONFIRM(link is external)
APPLE(link is external)
cisco -- cnap Cisco Cloud Network Automation Provisioner (CNAP) 1.0(0) in Cisco Configuration Assistant (CCA) allows remote attackers to bypass intended filesystem and administrative-endpoint restrictions via GET API calls, aka Bug ID CSCuy77145. 2016-07-02 not yet calculated CVE-2016-1441
CISCO(link is external)
cisco -- firepower Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded account, which allows remote attackers to obtain CLI access by leveraging knowledge of the password, aka Bug ID CSCuz56238. 2016-07-02 not yet calculated CVE-2016-1394
CISCO(link is external)
cisco -- prime_collaboration_provisioning Cisco Prime Collaboration Provisioning 10.6 SP2 (aka 10.6.0.10602) mishandles LDAP authentication, which allows remote attackers to obtain administrator privileges via a crafted login attempt, aka Bug ID CSCuv37513. 2016-07-02 not yet calculated CVE-2016-1416
CISCO(link is external)
cisco -- prime_infrastructure Cisco Prime Infrastructure 1.2 through 3.1 and Evolved Programmable Network Manager (EPNM) 1.2 and 2.0 allow remote authenticated users to execute arbitrary commands or upload files via a crafted HTTP request, aka Bug ID CSCuz01488. 2016-07-02 not yet calculated CVE-2016-1408
CISCO(link is external)
cisco -- prime_infrastructure The API in Cisco Prime Infrastructure 1.2 through 3.0 and Evolved Programmable Network Manager (EPNM) 1.2 allows remote attackers to execute arbitrary code or obtain sensitive management information via a crafted HTTP request, as demonstrated by discovering managed-device credentials, aka Bug ID CSCuy10231. 2016-07-02 not yet calculated CVE-2016-1289
CISCO(link is external)
cisco -- web_security_appliance The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468. 2016-07-02 not yet calculated CVE-2016-1440
CISCO(link is external)
flexera -- installanywhere Untrusted search path vulnerability in Flexera InstallAnywhere allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file. 2016-07-02 not yet calculated CVE-2016-4560
CONFIRM(link is external)
huawei -- fusion_compute Huawei FusionCompute before V100R005C10SPC700 allows remote authenticated users to cause a denial of service (resource consumption) via a large number of crafted packets. 2016-06-30 not yet calculated CVE-2016-4057
CONFIRM(link is external)
huawei -- hisuite Huawei HiSuite (In China) before 4.0.4.301 and (Out of China) before 4.0.4.204_ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors. 2016-06-30 not yet calculated CVE-2016-4086
CONFIRM(link is external)
ibm -- cognos_analytics IBM Cognos Analytics (CA) 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL. 2016-07-02 not yet calculated CVE-2016-0398
CONFIRM(link is external)
ibm -- infosphere_streams IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 do not properly implement the runAsUser feature, which allows local users to obtain root group privileges via unspecified vectors. 2016-07-02 not yet calculated CVE-2016-2867
CONFIRM(link is external)
ibm -- integration_bus The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 before 10.0.0.5 and WebSphere Message Broker 8 before 8.0.0.8 allows remote attackers to obtain sensitive Tomcat version information by sending a malformed POST request and then reading the Java stack trace. 2016-07-02 not yet calculated CVE-2016-2961
CONFIRM(link is external)
AIXAPAR(link is external)
ibm -- maximo_asset_management Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5 before 7.5.0.9 IFIX007, and 7.6 before 7.6.0.5 FP005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. 2016-07-02 not yet calculated CVE-2016-0399
CONFIRM(link is external)
ibm -- qradar Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.7 and QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to read arbitrary files via a crafted URL. 2016-07-02 not yet calculated CVE-2016-2872
CONFIRM(link is external)
ibm -- qradar IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to bypass authentication and obtain sensitive information or modify data via unspecified vectors. 2016-07-02 not yet calculated CVE-2016-2968
CONFIRM(link is external)
ibm -- qradar IBM Security QRadar SIEM 7.2.x before 7.2.7 allows remote authenticated administrators to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. 2016-07-02 not yet calculated CVE-2016-2868
CONFIRM(link is external)
ibm -- tririga Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to hijack the authentication of administrators for requests that delete employees. 2016-07-02 not yet calculated CVE-2016-0386
AIXAPAR(link is external)
ibm -- tririga Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. 2016-07-02 not yet calculated CVE-2016-0387
CONFIRM(link is external)
ibm -- tririga Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. 2016-07-02 not yet calculated CVE-2016-2883
CONFIRM(link is external)
ibm -- tririga IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to obtain sensitive information by reading HTTP responses. 2016-07-02 not yet calculated CVE-2016-2882
CONFIRM(link is external)
ibm -- watson_developer_cloud The IBM Watson Developer Cloud services on Bluemix platforms do not properly generate random numbers for service-instance credentials, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. 2016-07-02 not yet calculated CVE-2016-0391
CONFIRM(link is external)
ibm -- websphere_datapower Buffer overflow in the CLI on IBM WebSphere DataPower XC10 appliances 2.1 and 2.5 allows remote authenticated users to cause a denial of service via unspecified vectors. 2016-07-02 not yet calculated CVE-2016-2870
CONFIRM(link is external)
AIXAPAR(link is external)
ibm -- websphere_extreme_scale CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. 2016-07-02 not yet calculated CVE-2016-0400
CONFIRM(link is external)
AIXAPAR(link is external)
AIXAPAR(link is external)
ibm -- websphere_extreme_scale IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 does not properly encrypt data, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. 2016-07-02 not yet calculated CVE-2016-2861
CONFIRM(link is external)
AIXAPAR(link is external)
AIXAPAR(link is external)
jgroups -- encrypt JGroups before 4.0 does not require the proper headers for the ENCRYPT and AUTH protocols from nodes joining the cluster, which allows remote attackers to bypass security restrictions and send and receive messages within the cluster via unspecified vectors. 2016-06-30 not yet calculated CVE-2016-2141
REDHAT(link is external)
REDHAT(link is external)
REDHAT(link is external)
REDHAT(link is external)
REDHAT(link is external)
REDHAT(link is external)
REDHAT(link is external)
CONFIRM
SECTRACK(link is external)
lenovo -- bios_efi_driver Lenovo BIOS EFI Driver allows local administrators to execute arbitrary code with System Management Mode (SMM) privileges via unspecified vectors. 2016-06-30 not yet calculated CVE-2016-5729
CONFIRM(link is external)
micro_focus -- rumba Multiple stack-based buffer overflows in COM objects in Micro Focus Rumba 9.4.x before 9.4 HF 13960 allow remote attackers to execute arbitrary code via (1) the NetworkName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (2) the CPName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (3) the PrinterName property value to ProfileEditor.PrintPasteControl in ProfEdit.dll, (4) the Data argument to the WriteRecords function in FTXBIFFLib.AS400FtxBIFF in FtxBIFF.dll, (5) the Serialized property value to NMSECCOMPARAMSLib.SSL3 in NMSecComParams.dll, (6) the UserName property value to NMSECCOMPARAMSLib.FirewallProxy in NMSecComParams.dll, (7) the LUName property value to ProfileEditor.MFSNAControl in ProfEdit.dll, (8) the newVal argument to the Load function in FTPSFTPLib.SFtpSession in FTPSFtp.dll, or (9) a long Host field in the FTP Client. 2016-07-02 not yet calculated CVE-2016-1606
MISC(link is external)
MISC(link is external)
CONFIRM(link is external)
micro_focus -- runba Stack-based buffer overflow in the PlayMacro function in ObjectXMacro.ObjectXMacro in WdMacCtl.ocx in Micro Focus Rumba 9.x before 9.3 HF 11997 and 9.4.x before 9.4 HF 12815 allows remote attackers to execute arbitrary code via a long MacroName argument. NOTE: some references mention CVE-2016-5226 but that is not a correct ID for any Rumba vulnerability. 2016-07-02 not yet calculated CVE-2016-5228
MISC(link is external)
MISC(link is external)
CONFIRM(link is external)
npm -- cli The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12 before 0.12.13, 4 before 4.4.2, and 5 before 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by reading Authorization headers. 2016-07-02 not yet calculated CVE-2016-3956
CONFIRM
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM
phpmyadmin -- examples/openid.php Cross-site scripting (XSS) vulnerability in examples/openid.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message. 2016-07-02 not yet calculated CVE-2016-5731
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
phpmyadmin -- js/get_scripts.js.php js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts parameter. 2016-07-02 not yet calculated CVE-2016-5706
CONFIRM(link is external)
CONFIRM(link is external)
phpmyadmin -- libraries/central_columns.lib.php SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column query. 2016-07-02 not yet calculated CVE-2016-5703
CONFIRM(link is external)
CONFIRM(link is external)
phpmyadmin -- libraries/header.php The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication token in a Referer header, related to libraries/Header.php. 2016-07-02 not yet calculated CVE-2016-5739
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
phpmyadmin -- phpmyadmin Cross-site scripting (XSS) vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment. 2016-07-02 not yet calculated CVE-2016-5704
CONFIRM(link is external)
CONFIRM(link is external)
phpmyadmin -- phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted table name that is mishandled during privilege checking in table_row.phtml, (2) a crafted mysqld log_bin directive that is mishandled in log_selector.phtml, (3) the Transformation implementation, (4) AJAX error handling in js/ajax.js, (5) the Designer implementation, (6) the charts implementation in js/tbl_chart.js, or (7) the zoom-search implementation in rows_zoom.phtml. 2016-07-02 not yet calculated CVE-2016-5733
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
phpmyadmin -- phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the user privileges page, (2) an "invalid JSON" error message in the error console, (3) a database name in the central columns implementation, (4) a group name, or (5) a search name in the bookmarks implementation. 2016-07-02 not yet calculated CVE-2016-5705
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
phpmyadmin -- phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in the partition-range implementation in templates/table/structure/display_partitions.phtml in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via crafted table parameters. 2016-07-02 not yet calculated CVE-2016-5732
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
phpmyadmin -- phpmyadmin phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving (1) an array value to FormDisplay.php, (2) incorrect data to validate.php, (3) unexpected data to Validator.php, (4) a missing config directory during setup, or (5) an incorrect OpenID identifier data type, which reveals the full path in an error message. 2016-07-02 not yet calculated CVE-2016-5730
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
phpmyadmin -- phpmyadmin phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation. 2016-07-02 not yet calculated CVE-2016-5734
CONFIRM(link is external)
CONFIRM(link is external)
CONFIRM(link is external)
phpmyadmin -- phpmyadmin phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI. 2016-07-02 not yet calculated CVE-2016-5702
CONFIRM(link is external)
CONFIRM(link is external)
phpmyadmin -- setup/frames/index.inc.php setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI. 2016-07-02 not yet calculated CVE-2016-5701
CONFIRM(link is external)
CONFIRM(link is external)
redhat -- openstack_platform The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) director (aka overcloud-full) use a default root password of ROOTPW, which allows attackers to gain access via unspecified vectors. 2016-06-30 not yet calculated CVE-2016-4474
REDHAT(link is external)
CONFIRM(link is external)
REDHAT(link is external)
symantec -- antivirus_decomposer Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file. 2016-06-30 not yet calculated CVE-2016-2210
CONFIRM(link is external)
BID(link is external)
symantec -- antivirus_decomposer Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file. 2016-06-30 not yet calculated CVE-2016-2209
CONFIRM(link is external)
BID(link is external)
symantec -- antivirus_decomposer Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data. 2016-06-30 not yet calculated CVE-2016-3645
CONFIRM(link is external)
BID(link is external)
symantec -- antivirus_decomposer The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression. 2016-06-30 not yet calculated CVE-2016-2207
CONFIRM(link is external)
BID(link is external)
symantec -- antivirus_decomposer The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression. 2016-06-30 not yet calculated CVE-2016-3646
CONFIRM(link is external)
BID(link is external)
symantec -- antivirus_decomposer The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression. 2016-06-30 not yet calculated CVE-2016-2211
CONFIRM(link is external)
BID(link is external)
symantec -- antivirus_decomposer The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message. 2016-06-30 not yet calculated CVE-2016-3644
CONFIRM(link is external)
BID(link is external)
vmware -- nsx_edge VMware NSX Edge 6.1 before 6.1.7 and 6.2 before 6.2.3 and vCNS Edge 5.5 before 5.5.4.3, when the SSL-VPN feature is configured, allow remote attackers to obtain sensitive information via unspecified vectors. 2016-07-02 not yet calculated CVE-2016-2079
CONFIRM(link is external)
vmware -- vcenter_server Cross-site scripting (XSS) vulnerability in the vSphere Web Client in VMware vCenter Server 5.0 before U3g, 5.1 before U3d, and 5.5 before U2d allows remote attackers to inject arbitrary web script or HTML via a crafted URL. 2016-07-02 not yet calculated CVE-2015-6931
CONFIRM(link is external)
vmware -- vrealize_log_insight Cross-site request forgery (CSRF) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. 2016-07-02 not yet calculated CVE-2016-2082
CONFIRM(link is external)
vmware -- vrealize_log_insight Cross-site scripting (XSS) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2016-07-02 not yet calculated CVE-2016-2081
CONFIRM

-기사원문확인하기 : [US-CERT: Bulletin(SB16-186)] 2016년 6월 27일까지 발표된 보안 취약점