2016 VULNERABILITY DATABASE

 

 

 

CVE-2016-2850

Summary: Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors.

Published: 5/13/2016 10:59:11 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

CVE-2016-2849

Summary: Botan before 1.10.13 and 1.11.x before 1.11.29 does not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack.

Published: 5/13/2016 10:59:10 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

CVE-2016-2196

Summary: Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (memory overwrite and crash) or execute arbitrary code via unspecified vectors.

Published: 5/13/2016 10:59:09 AM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 10.0 HIGH

 

CVE-2016-2195

Summary: Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point, which triggers a heap-based buffer overflow.

Published: 5/13/2016 10:59:08 AM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 10.0 HIGH

 

CVE-2016-2194

Summary: The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus.

Published: 5/13/2016 10:59:07 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

CVE-2016-2099

Summary: Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier does not properly handle exceptions raised in the XMLReader class, which allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.

Published: 5/13/2016 10:59:06 AM

 

CVE-2016-1580

Summary: The setup_snappy_os_mounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap with a name starting with "ubuntu-core."

Published: 5/13/2016 10:59:05 AM

 

CVE-2016-1578

Summary: Use-after-free vulnerability in Oxide allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to responding synchronously to permission requests.

Published: 5/13/2016 10:59:04 AM

 

CVE-2015-7827

Summary: Botan before 1.10.13 and 1.11.x before 1.11.22 makes it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding.

Published: 5/13/2016 10:59:03 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

CVE-2015-5727

Summary: The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field.

Published: 5/13/2016 10:59:02 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 7.8 HIGH

 

CVE-2015-5726

Summary: The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data.

Published: 5/13/2016 10:59:01 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

CVE-2014-9742

Summary: The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group.

Published: 5/13/2016 10:59:00 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

CVE-2010-5326

Summary: The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a "Detour" attack.

Published: 5/13/2016 6:59:00 AM

 

CVE-2016-4499

Summary: Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (application crash) via unspecified vectors.

Published: 5/11/2016 9:59:14 PM

 

CVSS Severity: v3 - 4.2 MEDIUM      v2 - 4.4 MEDIUM

 

CVE-2016-4498

Summary: Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: 5/11/2016 9:59:13 PM

 

CVSS Severity: v3 - 5.5 MEDIUM      v2 - 6.8 MEDIUM

 

CVE-2016-4497

Summary: Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."

Published: 5/11/2016 9:59:12 PM

 

CVSS Severity: v3 - 4.2 MEDIUM      v2 - 6.8 MEDIUM

 

CVE-2016-4496

Summary: Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by triggering a crafted index value, as demonstrated by an integer overflow.

Published: 5/11/2016 9:59:11 PM

 

CVSS Severity: v3 - 4.2 MEDIUM      v2 - 4.4 MEDIUM

 

CVE-2016-1393

Summary: SQL injection vulnerability in Cisco Cloud Network Automation Provisioner (CNAP) 1.0 and 1.1 allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuy72175.

Published: 5/11/2016 9:59:10 PM

 

CVSS Severity: v3 - 7.1 HIGH      v2 - 6.5 MEDIUM

 

CVE-2016-3712

Summary: Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

Published: 5/11/2016 5:59:02 PM

 

CVSS Severity: v3 - 5.5 MEDIUM      v2 - 2.1 LOW

 

CVE-2016-3710

Summary: The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS users to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.

Published: 5/11/2016 5:59:01 PM

 

CVSS Severity: v3 - 8.8 HIGH      v2 - 7.2 HIGH

 

 

<<< New  Older >>>