2016 VULNERABILITY DATABASE

 

 

CVE-2016-5839

Summary: WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors.

Published: 6/29/2016 10:10:10 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

CVE-2016-5838

Summary: WordPress before 4.5.3 allows remote attackers to bypass intended password-change restrictions by leveraging knowledge of a cookie.

Published: 6/29/2016 10:10:09 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

CVE-2016-5837

Summary: WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors.

Published: 6/29/2016 10:10:08 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

CVE-2016-5836

Summary: The oEmbed protocol implementation in WordPress before 4.5.3 allows remote attackers to cause a denial of service via unspecified vectors.

Published: 6/29/2016 10:10:07 AM

 

CVE-2016-5835

Summary: WordPress before 4.5.3 allows remote attackers to obtain sensitive revision-history information by leveraging the ability to read a post, related to wp-admin/includes/ajax-actions.php and wp-admin/revision.php.

Published: 6/29/2016 10:10:06 AM

 

CVE-2016-5834

Summary: Cross-site scripting (XSS) vulnerability in the wp_get_attachment_link function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5833.

Published: 6/29/2016 10:10:05 AM

 

CVE-2016-5833

Summary: Cross-site scripting (XSS) vulnerability in the column_title function in wp-admin/includes/class-wp-media-list-table.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5834.

Published: 6/29/2016 10:10:04 AM

 

CVE-2016-5832

Summary: The customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection restrictions via unspecified vectors.

Published: 6/29/2016 10:10:03 AM

 

CVE-2016-5101

Summary: Unspecified vulnerability in Opera Mail before 2016-02-16 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted e-mail message.

Published: 6/29/2016 10:10:02 AM

 

CVE-2016-1237

Summary: nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c.

Published: 6/29/2016 10:10:01 AM

 

CVE-2012-6703

Summary: Integer overflow in the snd_compr_allocate_buffer function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.

Published: 6/29/2016 10:10:00 AM

 

CVE-2016-0304

Summary: The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, aka SPR KLYHA7MM3J. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0920.

Published: 6/28/2016 9:59:06 PM

 

CVE-2016-0298

Summary: Directory traversal vulnerability in IBM Security Guardium Database Activity Monitor 10 before 10.0p100 allows remote authenticated users to read arbitrary files via a crafted URL.

Published: 6/28/2016 9:59:05 PM

 

CVE-2016-0267

Summary: IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 allows remote authenticated users to obtain sensitive cleartext secure-property information via (1) the server UI or (2) a database request.

Published: 6/28/2016 9:59:04 PM

 

CVE-2016-0263

Summary: IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command.

Published: 6/28/2016 9:59:03 PM

 

CVE-2016-0260

Summary: Memory leak in queue-manager agents in IBM WebSphere MQ 8.x before 8.0.0.5 allows remote attackers to cause a denial of service (heap memory consumption) by triggering many errors.

Published: 6/28/2016 9:59:02 PM

 

CVE-2015-8699

Summary: Multiple cross-site scripting (XSS) vulnerabilities in CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: 6/28/2016 9:59:01 PM

 

CVE-2015-8698

Summary: CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allows remote attackers to read arbitrary files or cause a denial of service via a request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Published: 6/28/2016 9:59:00 PM

 

CVE-2016-0233

Summary: SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Published: 6/27/2016 9:59:02 PM

 

CVE-2016-0229

Summary: Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8.6.x and 9.x before 9.1.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Published: 6/27/2016 9:59:01 PM

 

CVE-2016-0224

Summary: SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: 6/27/2016 9:59:00 PM

 

CVE-2016-5829

Summary: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

Published: 6/27/2016 6:59:14 AM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 7.2 HIGH

 

CVE-2016-5828

Summary: The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call.

Published: 6/27/2016 6:59:13 AM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 7.2 HIGH

 

CVE-2016-5728

Summary: Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and system crash) by changing a certain header, aka a "double fetch" vulnerability.

Published: 6/27/2016 6:59:12 AM

 

CVSS Severity: v3 - 7.1 HIGH      v2 - 5.6 MEDIUM

 

CVE-2016-5244

Summary: The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

Published: 6/27/2016 6:59:11 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

CVE-2016-5243

Summary: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.

Published: 6/27/2016 6:59:10 AM

 

CVSS Severity: v3 - 5.5 MEDIUM      v2 - 2.1 LOW

 

CVE-2016-4470

Summary: The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.

Published: 6/27/2016 6:59:08 AM

 

CVSS Severity: v3 - 5.5 MEDIUM      v2 - 4.9 MEDIUM

 

CVE-2016-4440

Summary: arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode.

Published: 6/27/2016 6:59:07 AM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 7.2 HIGH

 

CVE-2016-3949

Summary: Siemens SIMATIC S7-300 Profinet-enabled CPU devices with firmware before 3.2.12 and SIMATIC S7-300 Profinet-disabled CPU devices with firmware before 3.3.12 allow remote attackers to cause a denial of service (defect-mode transition) via crafted (1) ISO-TSAP or (2) Profibus packets.

Published: 6/27/2016 6:59:06 AM

 

CVE-2016-3713

Summary: The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call.

Published: 6/27/2016 6:59:05 AM

 

CVSS Severity: v3 - 7.1 HIGH      v2 - 5.6 MEDIUM

 

CVE-2016-3707

Summary: The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.

Published: 6/27/2016 6:59:04 AM

 

CVSS Severity: v3 - 8.1 HIGH      v2 - 6.8 MEDIUM

 

CVE-2016-1583

Summary: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.

Published: 6/27/2016 6:59:03 AM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 7.2 HIGH

 

CVE-2016-0758

Summary: Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.

Published: 6/27/2016 6:59:02 AM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 7.2 HIGH

 

CVE-2014-9904

Summary: The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.

Published: 6/27/2016 6:59:01 AM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 7.2 HIGH

 

CVE-2014-9903

Summary: The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memory via a crafted sched_getattr system call.

Published: 6/27/2016 6:59:00 AM

 

CVSS Severity: v3 - 5.5 MEDIUM      v2 - 2.1 LOW

 

CVE-2016-0301

Summary: Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0279.

Published: 6/26/2016 10:59:05 AM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 6.8 MEDIUM

 

CVE-2016-0279

Summary: Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0301.

Published: 6/26/2016 10:59:04 AM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 6.8 MEDIUM

 

CVE-2016-0278

Summary: Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0279, and CVE-2016-0301.

Published: 6/26/2016 10:59:03 AM

 

CVSS Severity: v3 - 7.8 HIGH      v2 - 6.8 MEDIUM

 

 
