The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
-
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
-
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
-
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apache -- commons_fileupload | The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string. | 2016-07-04 | 7.8 | CVE-2016-3092 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM MLIST JVNDB JVN |
apache -- struts | The REST plugin in Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression. | 2016-07-04 | 7.5 | CVE-2016-4438 CONFIRM CONFIRM JVNDB JVN |
apple -- airport_base_station_firmware | Apple AirPort Base Station Firmware before 7.6.7 and 7.7.x before 7.7.7 misparses DNS data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 2016-07-02 | 10.0 | CVE-2015-7029 CONFIRM APPLE |
cisco -- evolved_programmable_network_manager | The API in Cisco Prime Infrastructure 1.2 through 3.0 and Evolved Programmable Network Manager (EPNM) 1.2 allows remote attackers to execute arbitrary code or obtain sensitive management information via a crafted HTTP request, as demonstrated by discovering managed-device credentials, aka Bug ID CSCuy10231. | 2016-07-02 | 10.0 | CVE-2016-1289 CISCO |
cisco -- epc3928_firmware | goform/WClientMACList on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long h_sortWireless parameter, related to a "Gateway Client List Denial of Service" issue, aka Bug ID CSCux24948. | 2016-07-03 | 7.8 | CVE-2016-1328 BUGTRAQ MISC |
cisco -- epc3928_firmware | goform/Docsis_system on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long LanguageSelect parameter, related to a "Gateway HTTP Corruption Denial of Service" issue, aka Bug ID CSCuy28100. | 2016-07-03 | 7.8 | CVE-2016-1336 BUGTRAQ MISC |
cisco -- firesight_system_software | Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded account, which allows remote attackers to obtain CLI access by leveraging knowledge of the password, aka Bug ID CSCuz56238. | 2016-07-02 | 7.5 | CVE-2016-1394 CISCO |
cisco -- prime_collaboration_provisioning | Cisco Prime Collaboration Provisioning 10.6 SP2 (aka 10.6.0.10602) mishandles LDAP authentication, which allows remote attackers to obtain administrator privileges via a crafted login attempt, aka Bug ID CSCuv37513. | 2016-07-02 | 10.0 | CVE-2016-1416 CISCO |
cisco -- prime_infrastructure | The administrative web interface in Cisco Prime Infrastructure (PI) before 3.1.1 allows remote authenticated users to execute arbitrary commands via crafted field values, aka Bug ID CSCuy96280. | 2016-07-07 | 9.0 | CVE-2016-1442 CISCO |
eaton -- elcsoft | Stack-based buffer overflow in ELCSimulator in Eaton ELCSoft 2.4.01 and earlier allows remote attackers to execute arbitrary code via a long packet. | 2016-07-03 | 7.5 | CVE-2016-4512 MISC |
ibm -- power_hardware_management_console | IBM Power Hardware Management Console (HMC) 7.3 through 7.3.0 SP7, 7.9 through 7.9.0 SP3, 8.1 through 8.1.0 SP3, 8.2 through 8.2.0 SP2, 8.3 through 8.3.0 SP2, 8.4 through 8.4.0 SP1, and 8.5.0 allows physically proximate attackers to obtain root access via unspecified vectors. | 2016-07-07 | 7.2 | CVE-2016-0230 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR |
ibm -- urbancode_deploy | The agents in IBM UrbanCode Deploy 6.x before 6.0.1.14, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 do not verify a server's identity in a JMS session or an HTTP session, which allows local users to obtain root access to arbitrary agents via unspecified vectors. | 2016-07-07 | 7.2 | CVE-2016-0271 CONFIRM |
ibm -- watson_developer_cloud | The IBM Watson Developer Cloud services on Bluemix platforms do not properly generate random numbers for service-instance credentials, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. | 2016-07-02 | 7.5 | CVE-2016-0391 CONFIRM |
linux -- linux_kernel | The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet. | 2016-07-03 | 10.0 | CVE-2016-3955 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
linux -- linux_kernel | The compat IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement. | 2016-07-03 | 7.2 | CVE-2016-4997 CONFIRM CONFIRM MLIST CONFIRM CONFIRM |
meinberg -- ims-lantime_m1000 | Stack-based buffer overflow in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via a crafted parameter in a POST request. | 2016-07-03 | 7.5 | CVE-2016-3962 MISC |
meinberg -- ims-lantime_m1000 | Multiple stack-based buffer overflows in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via a crafted parameter in a POST request. | 2016-07-03 | 7.5 | CVE-2016-3988 MISC |
meinberg -- ims-lantime_m1000 | The NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allows remote authenticated users to obtain root privileges for writing to unspecified scripts, and consequently obtain sensitive information or modify data, by leveraging access to the nobody account. | 2016-07-03 | 8.5 | CVE-2016-3989 MISC |
microfocus -- rumba | Multiple stack-based buffer overflows in COM objects in Micro Focus Rumba 9.4.x before 9.4 HF 13960 allow remote attackers to execute arbitrary code via (1) the NetworkName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (2) the CPName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (3) the PrinterName property value to ProfileEditor.PrintPasteControl in ProfEdit.dll, (4) the Data argument to the WriteRecords function in FTXBIFFLib.AS400FtxBIFF in FtxBIFF.dll, (5) the Serialized property value to NMSECCOMPARAMSLib.SSL3 in NMSecComParams.dll, (6) the UserName property value to NMSECCOMPARAMSLib.FirewallProxy in NMSecComParams.dll, (7) the LUName property value to ProfileEditor.MFSNAControl in ProfEdit.dll, (8) the newVal argument to the Load function in FTPSFTPLib.SFtpSession in FTPSFtp.dll, or (9) a long Host field in the FTP Client. | 2016-07-02 | 10.0 | CVE-2016-1606 MISC MISC CONFIRM |
microfocus -- rumba | Stack-based buffer overflow in the PlayMacro function in ObjectXMacro.ObjectXMacro in WdMacCtl.ocx in Micro Focus Rumba 9.x before 9.3 HF 11997 and 9.4.x before 9.4 HF 12815 allows remote attackers to execute arbitrary code via a long MacroName argument. NOTE: some references mention CVE-2016-5226 but that is not a correct ID for any Rumba vulnerability. | 2016-07-02 | 10.0 | CVE-2016-5228 MISC MISC CONFIRM |
openvswitch -- openvswitch | Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command. | 2016-07-03 | 7.5 | CVE-2016-2074 MLIST CONFIRM CONFIRM MLIST |
phpmyadmin -- phpmyadmin | SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column query. | 2016-07-02 | 7.5 | CVE-2016-5703 CONFIRM CONFIRM |
phpmyadmin -- phpmyadmin | phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation. | 2016-07-02 | 7.5 | CVE-2016-5734 CONFIRM CONFIRM CONFIRM |
Medium Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apache -- struts | The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter. | 2016-07-04 | 5.0 | CVE-2015-0899 CONFIRM JVNDB JVN |
apache -- struts | ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899. | 2016-07-04 | 6.8 | CVE-2016-1181 CONFIRM CONFIRM CONFIRM JVNDB JVN |
apache -- struts | ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899. | 2016-07-04 | 6.4 | CVE-2016-1182 CONFIRM CONFIRM CONFIRM JVNDB JVN |
apache -- http_server | The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service (stream-processing outage) via modified flow-control windows. | 2016-07-06 | 4.3 | CVE-2016-1546 CONFIRM CONFIRM CONFIRM |
apache -- struts | Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. | 2016-07-04 | 6.8 | CVE-2016-4430 CONFIRM CONFIRM JVNDB JVN |
apache -- struts | Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictions and conduct redirection attacks by leveraging a default method. | 2016-07-04 | 5.0 | CVE-2016-4431 CONFIRM CONFIRM JVNDB JVN |
apache -- struts | Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictions and conduct redirection attacks via a crafted request. | 2016-07-04 | 5.0 | CVE-2016-4433 CONFIRM CONFIRM JVNDB JVN |
apache -- xerces-c++ | Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD. | 2016-07-08 | 5.0 | CVE-2016-4463 DEBIAN CONFIRM CONFIRM CONFIRM SECTRACK BID BUGTRAQ MISC |
apache -- struts | The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field. | 2016-07-04 | 5.0 | CVE-2016-4465 CONFIRM CONFIRM JVNDB JVN |
apache -- http_server | The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not properly recognize the "SSLVerifyClient require" directive for HTTP/2 request authorization, which allows remote attackers to bypass intended access restrictions by leveraging the ability to send multiple requests over a single connection and aborting a renegotiation. | 2016-07-06 | 5.0 | CVE-2016-4979 CONFIRM CONFIRM MLIST CONFIRM |
cisco -- epc3928_firmware | Cisco EPC3928 devices allow remote attackers to obtain sensitive configuration and credential information by making requests during the early part of the boot process, related to a "Boot Information Disclosure" issue, aka Bug ID CSCux17178. | 2016-07-03 | 4.3 | CVE-2016-1337 BUGTRAQ MISC |
cisco -- rv110w_firmware | Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware through 1.2.1.4, RV130W devices with firmware through 1.0.2.7, and RV215W devices with firmware through 1.3.0.7 allows remote authenticated users to cause a denial of service (device reload) via a crafted HTTP request, aka Bug ID CSCux86669. | 2016-07-03 | 6.8 | CVE-2016-1398 CISCO |
cisco -- evolved_programmable_network_manager | Cisco Prime Infrastructure 1.2 through 3.1 and Evolved Programmable Network Manager (EPNM) 1.2 and 2.0 allow remote authenticated users to execute arbitrary commands or upload files via a crafted HTTP request, aka Bug ID CSCuz01488. | 2016-07-02 | 6.5 | CVE-2016-1408 CISCO |
cisco -- ios | Cisco IOS 15.0(2)SG5, 15.1(2)SG3, 15.2(1)E, 15.3(3)S, and 15.4(1.13)S allows remote attackers to cause a denial of service (device crash) via a crafted LLDP packet, aka Bug ID CSCun66735. | 2016-07-03 | 6.1 | CVE-2016-1425 CISCO |
cisco -- web_security_appliance | The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468. | 2016-07-02 | 5.0 | CVE-2016-1440 CISCO |
cisco -- cloud_network_automation_provisioner | Cisco Cloud Network Automation Provisioner (CNAP) 1.0(0) in Cisco Configuration Assistant (CCA) allows remote attackers to bypass intended filesystem and administrative-endpoint restrictions via GET API calls, aka Bug ID CSCuy77145. | 2016-07-02 | 6.4 | CVE-2016-1441 CISCO |
cisco -- amp_threat_grid_appliance | The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted malware sample. | 2016-07-07 | 6.8 | CVE-2016-1443 CISCO |
cisco -- telepresence_video_communication_server | The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7 and Expressway X8.1 through X8.6 mishandles certificates, which allows remote attackers to bypass authentication via an arbitrary trusted certificate, aka Bug ID CSCuz64601. | 2016-07-07 | 5.8 | CVE-2016-1444 CISCO |
eaton -- elcsoft | Heap-based buffer overflow in elcsoft.exe in Eaton ELCSoft 2.4.01 and earlier allows remote authenticated users to execute arbitrary code via a crafted file. | 2016-07-03 | 6.0 | CVE-2016-4509 MISC |
emc -- avamar | The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar through 7.1.2 and 7.2.x through 7.2.1 allows remote authenticated users to read or delete directories via a Linux backup-restore operation. | 2016-07-06 | 6.5 | CVE-2016-0906 BUGTRAQ |
google -- chrome | Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 2016-07-03 | 6.8 | CVE-2016-1704 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
ibm -- jazz_reporting_service | The Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allow remote authenticated users to conduct clickjacking attacks via unspecified vectors. | 2016-07-07 | 4.0 | CVE-2016-0314 CONFIRM |
ibm -- jazz_reporting_service | The Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 maintain session ID validity after a logout action, which allows remote authenticated users to hijack sessions by leveraging an unattended workstation. | 2016-07-07 | 6.5 | CVE-2016-0315 CONFIRM |
ibm -- websphere_application_server | CRLF injection vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 Full before 8.5.5.10, and 8.5 Liberty before Liberty Fix Pack 16.0.0.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. | 2016-07-03 | 4.3 | CVE-2016-0359 CONFIRM AIXAPAR |
ibm -- tririga_application_platform | Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to hijack the authentication of administrators for requests that delete employees. | 2016-07-02 | 6.0 | CVE-2016-0386 AIXAPAR |
ibm -- websphere_application_server | Admin Center in IBM WebSphere Application Server (WAS) 8.5.5.2 through 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 allows remote attackers to obtain sensitive information via unspecified vectors. | 2016-07-07 | 5.0 | CVE-2016-0389 CONFIRM AIXAPAR |
ibm -- cognos_analytics | IBM Cognos Analytics (CA) 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL. | 2016-07-02 | 4.3 | CVE-2016-0398 CONFIRM |
ibm -- websphere_extreme_scale | CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. | 2016-07-02 | 4.3 | CVE-2016-0400 CONFIRM AIXAPAR AIXAPAR |
ibm -- websphere_extreme_scale | IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 does not properly encrypt data, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. | 2016-07-02 | 4.3 | CVE-2016-2861 CONFIRM AIXAPAR AIXAPAR |
ibm -- websphere_commerce | Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 before 7.0.0.9 cumulative iFix 3, and 8.0 before 8.0.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 2016-07-03 | 4.3 | CVE-2016-2862 CONFIRM AIXAPAR AIXAPAR AIXAPAR AIXAPAR |
ibm -- websphere_commerce | Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Commerce 7.0 Feature Pack 8, 8.0.0.x before 8.0.0.10, and 8.0.1.x before 8.0.1.2 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 2016-07-03 | 6.0 | CVE-2016-2863 CONFIRM AIXAPAR |
ibm -- infosphere_streams | IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 do not properly implement the runAsUser feature, which allows local users to obtain root group privileges via unspecified vectors. | 2016-07-02 | 6.9 | CVE-2016-2867 CONFIRM |
ibm -- qradar_security_information_and_event_manager | IBM Security QRadar SIEM 7.2.x before 7.2.7 allows remote authenticated administrators to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 2016-07-02 | 4.0 | CVE-2016-2868 CONFIRM |
ibm -- websphere_datapower_xc10_appliance_firmware | Buffer overflow in the CLI on IBM WebSphere DataPower XC10 appliances 2.1 and 2.5 allows remote authenticated users to cause a denial of service via unspecified vectors. | 2016-07-02 | 5.0 | CVE-2016-2870 CONFIRM AIXAPAR |
ibm -- qradar_security_information_and_event_manager | Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.7 and QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to read arbitrary files via a crafted URL. | 2016-07-02 | 5.0 | CVE-2016-2872 CONFIRM |
ibm -- tririga_application_platform | IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to obtain sensitive information by reading HTTP responses. | 2016-07-02 | 4.0 | CVE-2016-2882 CONFIRM |
ibm -- jazz_reporting_service | Cross-site scripting (XSS) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-0313 and CVE-2016-0350. | 2016-07-07 | 4.3 | CVE-2016-2888 CONFIRM |
ibm -- jazz_reporting_service | Cross-site request forgery (CSRF) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016, 6.0 and 6.0.1 before 6.0.1 ifix005, and 6.0.2 before ifix002 allows remote authenticated users to hijack the authentication of arbitrary users. | 2016-07-07 | 6.8 | CVE-2016-2889 CONFIRM |
ibm -- websphere_application_server | IBM WebSphere Application Server (WAS) 8.5 through 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified JAX-RS API cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. | 2016-07-07 | 5.0 | CVE-2016-2923 CONFIRM AIXAPAR |
ibm -- websphere_application_server | The API Discovery implementation in IBM WebSphere Application Server (WAS) 8.5.5.8 through 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 allows remote authenticated users to gain privileges via an external reference in a Swagger document. | 2016-07-07 | 6.0 | CVE-2016-2945 CONFIRM AIXAPAR |
ibm -- integration_bus | The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 before 10.0.0.5 and WebSphere Message Broker 8 before 8.0.0.8 allows remote attackers to obtain sensitive Tomcat version information by sending a malformed POST request and then reading the Java stack trace. | 2016-07-02 | 5.0 | CVE-2016-2961 CONFIRM AIXAPAR |
ibm -- security_qradar_incident_forensics | IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unspecified vectors. | 2016-07-02 | 5.5 | CVE-2016-2968 CONFIRM |
ibm -- sdk | The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12 before 0.12.13, 4 before 4.4.2, and 5 before 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by reading Authorization headers. | 2016-07-02 | 5.0 | CVE-2016-3956 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
isc -- bind | ISC BIND through 9.10.4-P1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message. | 2016-07-06 | 4.0 | CVE-2016-6170 MLIST MLIST MLIST MISC CONFIRM MLIST |
libreoffice -- libreoffice | Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and supercript tokens. | 2016-07-08 | 6.8 | CVE-2016-4324 UBUNTU MISC SECTRACK BID CONFIRM DEBIAN |
linux -- linux_kernel | The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary. | 2016-07-03 | 5.6 | CVE-2016-4998 CONFIRM CONFIRM MLIST CONFIRM |
ntp -- ntp | ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time. | 2016-07-04 | 4.3 | CVE-2016-4953 CERT-VN CONFIRM CONFIRM CONFIRM |
ntp -- ntp | The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication. | 2016-07-04 | 4.3 | CVE-2016-4954 CERT-VN CONFIRM CONFIRM CONFIRM |
ntp -- ntp | ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548. | 2016-07-04 | 5.0 | CVE-2016-4956 CERT-VN CONFIRM CONFIRM CONFIRM |
ntp -- ntp | ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547. | 2016-07-04 | 5.0 | CVE-2016-4957 CERT-VN CONFIRM CONFIRM CONFIRM |
ntt_east -- pr-400mi_firmware | NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allow remote authenticated users to execute arbitrary OS commands via unspecified vectors. | 2016-07-03 | 6.5 | CVE-2016-1227 CONFIRM CONFIRM JVNDB JVN |
ntt_west -- pr-400mi | Cross-site request forgery (CSRF) vulnerability on NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allows remote attackers to hijack the authentication of arbitrary users. | 2016-07-03 | 6.8 | CVE-2016-1228 CONFIRM CONFIRM JVNDB JVN |
phpmyadmin -- phpmyadmin | phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs. | 2016-07-04 | 5.0 | CVE-2016-5097 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
phpmyadmin -- phpmyadmin | Directory traversal vulnerability in libraries/error_report.lib.php in phpMyAdmin before 4.6.2-prerelease allows remote attackers to determine the existence of arbitrary files by triggering an error. | 2016-07-04 | 5.0 | CVE-2016-5098 CONFIRM CONFIRM |
phpmyadmin -- phpmyadmin | Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbitrary web script or HTML via special characters that are mishandled during double URL decoding. | 2016-07-04 | 4.3 | CVE-2016-5099 CONFIRM CONFIRM |
phpmyadmin -- phpmyadmin | setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI. | 2016-07-02 | 4.3 | CVE-2016-5701 CONFIRM CONFIRM |
phpmyadmin -- phpmyadmin | phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF value, allows remote attackers to conduct cookie-attribute injection attacks via a crafted URI. | 2016-07-02 | 4.3 | CVE-2016-5702 CONFIRM CONFIRM |
phpmyadmin -- phpmyadmin | Cross-site scripting (XSS) vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment. | 2016-07-02 | 4.3 | CVE-2016-5704 CONFIRM CONFIRM |
phpmyadmin -- phpmyadmin | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the user privileges page, (2) an "invalid JSON" error message in the error console, (3) a database name in the central columns implementation, (4) a group name, or (5) a search name in the bookmarks implementation. | 2016-07-02 | 4.3 | CVE-2016-5705 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
phpmyadmin -- phpmyadmin | js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts parameter. | 2016-07-02 | 5.0 | CVE-2016-5706 CONFIRM CONFIRM |
phpmyadmin -- phpmyadmin | phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving (1) an array value to FormDisplay.php, (2) incorrect data to validate.php, (3) unexpected data to Validator.php, (4) a missing config directory during setup, or (5) an incorrect OpenID identifier data type, which reveals the full path in an error message. | 2016-07-02 | 5.0 | CVE-2016-5730 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
phpmyadmin -- phpmyadmin | Cross-site scripting (XSS) vulnerability in examples/openid.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message. | 2016-07-02 | 4.3 | CVE-2016-5731 CONFIRM CONFIRM CONFIRM |
phpmyadmin -- phpmyadmin | Multiple cross-site scripting (XSS) vulnerabilities in the partition-range implementation in templates/table/structure/display_partitions.phtml in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via crafted table parameters. | 2016-07-02 | 4.3 | CVE-2016-5732 CONFIRM CONFIRM CONFIRM |
phpmyadmin -- phpmyadmin | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted table name that is mishandled during privilege checking in table_row.phtml, (2) a crafted mysqld log_bin directive that is mishandled in log_selector.phtml, (3) the Transformation implementation, (4) AJAX error handling in js/ajax.js, (5) the Designer implementation, (6) the charts implementation in js/tbl_chart.js, or (7) the zoom-search implementation in rows_zoom.phtml. | 2016-07-02 | 4.3 | CVE-2016-5733 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
phpmyadmin -- phpmyadmin | The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication token in a Referer header, related to libraries/Header.php. | 2016-07-02 | 5.0 | CVE-2016-5739 CONFIRM CONFIRM CONFIRM |
qnap -- qts | Cross-site scripting (XSS) vulnerability in File Station in QNAP QTS before 4.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2016-07-03 | 4.3 | CVE-2015-5664 CONFIRM JVNDB JVN |
rexroth -- bladecontrol-webvis | SQL injection vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 2016-07-06 | 5.5 | CVE-2016-4507 MISC |
rexroth -- bladecontrol-webvis | Cross-site scripting (XSS) vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2016-07-06 | 4.3 | CVE-2016-4508 MISC |
samba -- samba | libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag. | 2016-07-07 | 6.8 | CVE-2016-2119 CONFIRM |
vmware -- vcenter_server | Cross-site scripting (XSS) vulnerability in the vSphere Web Client in VMware vCenter Server 5.0 before U3g, 5.1 before U3d, and 5.5 before U2d allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 2016-07-02 | 4.3 | CVE-2015-6931 CONFIRM |
vmware -- nsx_edge | VMware NSX Edge 6.1 before 6.1.7 and 6.2 before 6.2.3 and vCNS Edge 5.5 before 5.5.4.3, when the SSL-VPN feature is configured, allow remote attackers to obtain sensitive information via unspecified vectors. | 2016-07-02 | 4.3 | CVE-2016-2079 CONFIRM |
vmware -- vrealize_log_insight | Cross-site scripting (XSS) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2016-07-02 | 4.3 | CVE-2016-2081 CONFIRM |
vmware -- vrealize_log_insight | Cross-site request forgery (CSRF) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 2016-07-02 | 6.8 | CVE-2016-2082 CONFIRM |
Low Vulnerabilities
Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
emc -- rsa_archer_egrc | EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated users to read the web.config.bak file, and obtain sensitive credential information, by modifying the IIS configuration to set a Content-Type header for .bak files. | 2016-07-04 | 3.5 | CVE-2016-0899 BUGTRAQ |
flexerasoftware -- installanywhere | Untrusted search path vulnerability in Flexera InstallAnywhere allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file. | 2016-07-02 | 3.7 | CVE-2016-4560 CONFIRM |
ibm -- cognos_business_intelligence | Cross-site scripting (XSS) vulnerability in IBM Cognos TM1, as used in IBM Cognos Business Intelligence 10.2 before IF20, 10.2.1 before IF17, 10.2.1.1 before IF16, 10.2.2 before IF12, and 10.1.1 before IF19, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 2016-07-03 | 3.5 | CVE-2016-0221 CONFIRM |
ibm -- control_center | IBM Control Center 6.x before 6.0.0.1 iFix06 and Sterling Control Center 5.4.x before 5.4.2.1 iFix09 allow local users to decrypt the master key via unspecified vectors. | 2016-07-07 | 1.9 | CVE-2016-0252 CONFIRM |
ibm -- i_access | IBM i Access 7.1 on Windows allows local users to discover registry passwords via unspecified vectors. | 2016-07-07 | 2.1 | CVE-2016-0287 AIXAPAR CONFIRM |
ibm -- jazz_reporting_service | Cross-site scripting (XSS) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-2888 and CVE-2016-0350. | 2016-07-07 | 3.5 | CVE-2016-0313 CONFIRM |
ibm -- cognos_business_intelligence | Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intelligence 10.2 before IF20, 10.2.1 before IF17, 10.2.1.1 before IF16, 10.2.2 before IF12, and 10.1.1 before IF19 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 2016-07-03 | 3.5 | CVE-2016-0346 CONFIRM |
ibm -- jazz_reporting_service | Cross-site scripting (XSS) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-2888 and CVE-2016-0313. | 2016-07-07 | 3.5 | CVE-2016-0350 CONFIRM |
ibm -- tririga_application_platform | Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 2016-07-02 | 3.5 | CVE-2016-0387 CONFIRM |
ibm -- maximo_asset_management | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5 before 7.5.0.9 IFIX007, and 7.6 before 7.6.0.5 FP005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 2016-07-02 | 3.5 | CVE-2016-0399 CONFIRM |
ibm -- tririga_application_platform | Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 2016-07-02 | 3.5 | CVE-2016-2883 CONFIRM |
ibm -- tivoli_storage_manager | IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary accounts in opportunistic circumstances by leveraging previous use of a symlink during archive and retrieve actions. | 2016-07-03 | 2.1 | CVE-2016-2894 CONFIRM AIXAPAR |
linux -- linux_kernel | Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a certain length value, aka a "double fetch" vulnerability. | 2016-07-03 | 1.9 | CVE-2016-6130 CONFIRM CONFIRM BUGTRAQ CONFIRM |
ntp -- ntp | ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time. | 2016-07-04 | 2.6 | CVE-2016-4955 CERT-VN CONFIRM CONFIRM CONFIRM |
siemens -- sicam_pas | Siemens SICAM PAS before 8.07 does not properly restrict password data in the database, which makes it easier for local users to calculate passwords by leveraging unspecified database privileges. | 2016-07-04 | 1.7 | CVE-2016-5848 CONFIRM |
siemens -- sicam_pas | Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage. | 2016-07-04 | 1.9 | CVE-2016-5849 CONFIRM |
-기사원문확인하기: [US-CERT: Bulletin(SB16-193)] 2016년 7월 4일까지 발표된 보안 취약점
'IT 와 Social 이야기' 카테고리의 다른 글
[Professor Lili Saghafi] Business Intelligence & Predictive Analytic (0) | 2016.07.13 |
---|---|
[Pollen VC] Pollen VC Building A Digital Lending Business (0) | 2016.07.13 |
[Mintigo1] Demystifying Predictive Lead Scoring (0) | 2016.07.12 |
[Jeffrey Strickland] predictive models (0) | 2016.07.12 |
[Jeffrey Strickland] Data Science and Analytics for Ordinary People (0) | 2016.07.12 |