2016 VULNERABILITY DATABASE
CVE-2016-4525
Summary: Unspecified ActiveX controls in Advantech WebAccess before 8.1_20160519 allow remote authenticated users to obtain sensitive information or modify data via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag.
Published: 6/24/2016 9:59:01 PM
CVE-2016-4519
Summary: Stack-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.30 allows remote attackers to execute arbitrary code via a crafted filename field in a ZIP archive in a vlp file.
Published: 6/24/2016 9:59:00 PM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 7.5 HIGH
CVE-2016-5723
Summary: Huawei FusionInsight HD before V100R002C60SPC200 allows local users to gain root privileges via unspecified vectors.
Published: 6/24/2016 1:59:05 PM
CVSS Severity: v3 - 7.8 HIGH v2 - 7.2 HIGH
CVE-2016-5722
Summary: OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct replay attacks and obtain sensitive information by sniffing the network.
Published: 6/24/2016 1:59:04 PM
CVSS Severity: v3 - 7.3 HIGH v2 - 7.5 HIGH
CVE-2016-5709
Summary: SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack.
Published: 6/24/2016 1:59:03 PM
CVSS Severity: v3 - 4.7 MEDIUM v2 - 1.9 LOW
CVE-2016-5435
Summary: Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby networking where two devices are not directly connected, allows remote attackers to cause a denial of service (memory consumption and reboot) via a crafted packet.
Published: 6/24/2016 1:59:02 PM
CVSS Severity: v3 - 5.9 MEDIUM v2 - 7.1 HIGH
CVE-2016-5021
Summary: The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 allows remote authenticated administrators to obtain sensitive information via unspecified vectors.
Published: 6/24/2016 1:59:01 PM
CVSS Severity: v3 - 4.9 MEDIUM v2 - 4.0 MEDIUM
CVE-2016-4802
Summary: Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) security.dll, (2) secur32.dll, or (3) ws2_32.dll in the application or current working directory.
Published: 6/24/2016 1:59:00 PM
CVSS Severity: v3 - 7.8 HIGH v2 - 6.9 MEDIUM
CVE-2016-1439
Summary: Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux59650.
Published: 6/22/2016 8:59:07 PM
CVSS Severity: v3 - 6.1 MEDIUM v2 - 4.3 MEDIUM
CVE-2016-1438
Summary: Cisco AsyncOS 9.7.0-125 on Email Security Appliance (ESA) devices allows remote attackers to bypass intended spam filtering via crafted executable content in a ZIP archive, aka Bug ID CSCuy39210.
Published: 6/22/2016 8:59:07 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2016-1437
Summary: SQL injection vulnerability in the SQL database in Cisco Prime Collaboration Deployment before 11.5.1 allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuy92549.
Published: 6/22/2016 8:59:06 PM
CVSS Severity: v3 - 6.5 MEDIUM v2 - 4.0 MEDIUM
CVE-2016-1436
Summary: The General Packet Radio Switching Tunneling Protocol 1 (aka GTPv1) implementation on Cisco ASR 5000 Packet Data Network Gateway devices before 19.4 allows remote attackers to cause a denial of service (Session Manager process restart) via a crafted GTPv1 packet, aka Bug ID CSCuz46198.
Published: 6/22/2016 8:59:05 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2016-1435
Summary: Cisco 8800 phones with software 11.0(1) do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leveraging shell access, aka Bug ID CSCuz03014.
Published: 6/22/2016 8:59:04 PM
CVSS Severity: v3 - 7.0 HIGH v2 - 6.2 MEDIUM
CVE-2016-1434
Summary: The license-certificate upload functionality on Cisco 8800 phones with software 11.0(1) allows remote authenticated users to delete arbitrary files via an invalid file, aka Bug ID CSCuz03010.
Published: 6/22/2016 8:59:03 PM
CVSS Severity: v3 - 6.5 MEDIUM v2 - 4.0 MEDIUM
CVE-2016-1428
Summary: Double free vulnerability in Cisco IOS XE 3.15S, 3.16S, and 3.17S allows remote authenticated users to cause a denial of service (device restart) via a sequence of crafted SNMP read requests, aka Bug ID CSCux13174.
Published: 6/22/2016 8:59:02 PM
CVSS Severity: v3 - 6.5 MEDIUM v2 - 6.8 MEDIUM
CVE-2016-0914
Summary: EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, Documentum Administrator 7.x before 7.2 Patch 13, Documentum Capital Projects 1.9 before Patch 23 and 1.10 before Patch 10, and Documentum TaskSpace 6.7 SP3 allow remote authenticated users to bypass intended access restrictions and execute arbitrary IAPI/IDQL commands via the IAPI/IDQL interface.
Published: 6/22/2016 8:59:01 PM
CVSS Severity: v3 - 6.3 MEDIUM v2 - 6.5 MEDIUM
CVE-2015-6289
Summary: Cisco IOS 15.5(3)M on Integrated Services Router (ISR) 800, 819, and 829 devices allows remote attackers to cause a denial of service (memory consumption) via crafted TCP packets on the SSH port, aka Bug ID CSCuu13476.
Published: 6/22/2016 8:59:00 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2016-2364
Summary: The Chrome HUDweb plugin before 2016-05-05 for Fonality (previously trixbox Pro) 12.6 through 14.1i uses the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
Published: 6/19/2016 9:59:05 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2016-2363
Summary: Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 uses weak permissions for the /var/www/rpc/surun script, which allows local users to obtain root access for unspecified command execution by leveraging access to the nobody account.
Published: 6/19/2016 9:59:04 PM
CVE-2016-2362
Summary: Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 has a hardcoded password for the FTP account, which allows remote attackers to obtain access via a (1) FTP or (2) SSH connection.
Published: 6/19/2016 9:59:03 PM
CVE-2016-2178
Summary: The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.
Published: 6/19/2016 9:59:03 PM
CVE-2016-2177
Summary: OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.
Published: 6/19/2016 9:59:02 PM
CVE-2015-8289
Summary: The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code.
Published: 6/19/2016 9:59:01 PM
CVE-2015-8288
Summary: NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
Published: 6/19/2016 9:59:00 PM
CVSS Severity: v3 - 5.9 MEDIUM v2 - 4.3 MEDIUM
CVE-2016-4811
Summary: The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.15.1 and earlier for Android and 1.13.0 and earlier for iOS allows man-in-the-middle attackers to obtain API access via unspecified vectors.
Published: 6/19/2016 4:59:15 PM
CVE-2016-4530
Summary: OSIsoft PI SQL Data Access Server (aka OLE DB) 2016 1.5 allows remote authenticated users to cause a denial of service (service outage and data loss) via a message.
Published: 6/19/2016 4:59:14 PM
CVE-2016-4518
Summary: OSIsoft PI AF Server before 2016 2.8.0 allows remote authenticated users to cause a denial of service (service outage) via a message.
Published: 6/19/2016 4:59:13 PM
CVE-2016-4514
Summary: Moxa PT-7728 devices with software 3.4 build 15081113 allow remote authenticated users to change the configuration via vectors involving a local proxy.
Published: 6/19/2016 4:59:12 PM
CVE-2016-1864
Summary: The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a crafted URL.
Published: 6/19/2016 4:59:11 PM
CVSS Severity: v3 - 4.3 MEDIUM v2 - 5.0 MEDIUM
CVE-2016-1862
Summary: Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860.
Published: 6/19/2016 4:59:09 PM
CVE-2016-1861
Summary: The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1846.
Published: 6/19/2016 4:59:08 PM
CVE-2016-1860
Summary: Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862.
Published: 6/19/2016 4:59:07 PM
CVE-2016-1196
Summary: Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive Address Book information via an API call, a different vulnerability than CVE-2015-7776.
Published: 6/19/2016 4:59:06 PM
CVE-2016-1192
Summary: Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors.
Published: 6/19/2016 4:59:05 PM
CVE-2016-1191
Summary: Directory traversal vulnerability in the Files function in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to modify settings via unspecified vectors.
Published: 6/19/2016 4:59:04 PM
CVE-2016-0912
Summary: EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote authenticated users to bypass intended password-change restrictions by leveraging access to (1) a different account with the same role as a target account or (2) an account's session at an unattended workstation.
Published: 6/19/2016 4:59:04 PM
CVE-2016-0911
Summary: EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 has a default no_root_squash option for NFS exports, which makes it easier for remote attackers to obtain filesystem access by leveraging client root privileges.
Published: 6/19/2016 4:59:03 PM