2016 VULNERABILITY DATABASE
CVE-2016-5367
Summary: Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow remote attackers to obtain sensitive information via unspecified vectors, aka HWPSIRT-2016-05053.
Published: 6/14/2016 10:59:06 AM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2016-5366
Summary: Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow remote attackers to modify configuration data via vectors related to a "file injection vulnerability," aka HWPSIRT-2016-05052.
Published: 6/14/2016 10:59:04 AM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2016-5365
Summary: Stack-based buffer overflow in Huawei Honor WS851 routers with software 1.1.21.1 and earlier allows remote attackers to execute arbitrary commands with root privileges via unspecified vectors, aka HWPSIRT-2016-05051.
Published: 6/14/2016 10:59:03 AM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 10.0 HIGH
CVE-2016-5338
Summary: The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer.
Published: 6/14/2016 10:59:02 AM
CVSS Severity: v3 - 7.8 HIGH v2 - 4.6 MEDIUM
CVE-2016-5337
Summary: The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.
Published: 6/14/2016 10:59:01 AM
CVSS Severity: v3 - 5.5 MEDIUM v2 - 2.1 LOW
CVE-2016-5238
Summary: The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.
Published: 6/14/2016 10:59:00 AM
CVSS Severity: v3 - 5.5 MEDIUM v2 - 2.1 LOW
CVE-2016-4579
Summary: Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via unspecified vectors, related to the "returned length of the object from _ksba_ber_parse_tl."
Published: 6/13/2016 3:59:10 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2016-4574
Summary: Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356.
Published: 6/13/2016 3:59:09 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2016-4478
Summary: Buffer overflow in the xmlrpc_char_encode function in modules/transport/xmlrpc/xmlrpclib.c in Atheme before 7.2.7 allows remote attackers to cause a denial of service via vectors related to XMLRPC response encoding.
Published: 6/13/2016 3:59:09 PM
CVE-2016-4414
Summary: The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.
Published: 6/13/2016 3:59:08 PM
CVE-2016-4356
Summary: The append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.3 allows remote attackers to cause a denial of service (out-of-bounds read) by clearing the high bit of the byte after invalid utf-8 encoded data.
Published: 6/13/2016 3:59:06 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2016-4355
Summary: Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
Published: 6/13/2016 3:59:05 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2016-4354
Summary: ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
Published: 6/13/2016 3:59:04 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2016-4353
Summary: ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.
Published: 6/13/2016 3:59:03 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2016-3698
Summary: libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.
Published: 6/13/2016 3:59:02 PM
CVSS Severity: v3 - 8.1 HIGH v2 - 6.8 MEDIUM
CVE-2015-8869
Summary: OCamel before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
Published: 6/13/2016 3:59:01 PM
CVE-2014-9773
Summary: modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks.
Published: 6/13/2016 3:59:00 PM
CVE-2016-5302
Summary: Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account.
Published: 6/13/2016 10:59:10 AM
CVE-2016-5234
Summary: Buffer overflow in Huawei VP9660, VP9650, and VP9630 multipoint control unit devices with software before V500R002C00SPC200 and RSE6500 videoconference devices with software before V500R002C00SPC100, when an unspecified service is enabled, allows remote attackers to execute arbitrary code via a crafted packet, aka HWPSIRT-2016-05054.
Published: 6/13/2016 10:59:09 AM
CVSS Severity: v3 - 8.1 HIGH v2 - 9.3 HIGH
CVE-2016-5104
Summary: The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.
Published: 6/13/2016 10:59:08 AM
CVE-2016-4911
Summary: The Fernet Token Provider in OpenStack Identity (Keystone) 9.0.x before 9.0.1 (mitaka) allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token.
Published: 6/13/2016 10:59:07 AM
CVE-2016-4005
Summary: The Huawei Hilink App application before 3.19.2 for Android does not validate SSL certificates, which allows local users to have unspecified impact via unknown vectors, aka HWPSIRT-2016-03008.
Published: 6/13/2016 10:59:06 AM
CVE-2016-3677
Summary: The Huawei Wear App application before 15.0.0.307 for Android does not validate SSL certificates, which allows local users to have unspecified impact via unknown vectors, aka HWPSIRT-2016-03008.
Published: 6/13/2016 10:59:05 AM
CVSS Severity: v3 - 6.5 MEDIUM v2 - 6.8 MEDIUM
CVE-2016-3670
Summary: Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field.
Published: 6/13/2016 10:59:03 AM
CVSS Severity: v3 - 6.1 MEDIUM v2 - 4.3 MEDIUM
CVE-2016-2174
Summary: SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote authenticated administrators to execute arbitrary SQL commands via the eventTime parameter to service/plugins/policies/eventTime.
Published: 6/13/2016 10:59:02 AM
CVSS Severity: v3 - 7.2 HIGH v2 - 6.5 MEDIUM
CVE-2016-1543
Summary: The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure.
Published: 6/13/2016 10:59:01 AM