2016 VULNERABILITY DATABASE
CVE-2016-1182
Summary: ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899.
Published: 7/4/2016 6:59:02 PM
CVSS Severity: v3 - 8.2 HIGH v2 - 6.4 MEDIUM
CVE-2016-1181
Summary: ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899.
Published: 7/4/2016 6:59:01 PM
CVSS Severity: v3 - 8.1 HIGH v2 - 6.8 MEDIUM
CVE-2015-0899
Summary: The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter.
Published: 7/4/2016 6:59:00 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2016-5849
Summary: Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage.
Published: 7/4/2016 12:59:02 PM
CVE-2016-5848
Summary: Siemens SICAM PAS before 8.07 does not properly restrict password data in the database, which makes it easier for local users to calculate passwords by leveraging unspecified database privileges.
Published: 7/4/2016 12:59:01 PM
CVE-2016-0899
Summary: EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated users to read the web.config.bak file, and obtain sensitive credential information, by modifying the IIS configuration to set a Content-Type header for .bak files.
Published: 7/4/2016 12:59:00 PM
CVE-2016-6130
Summary: Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a certain length value, aka a "double fetch" vulnerability.
Published: 7/3/2016 5:59:18 PM
CVSS Severity: v3 - 4.7 MEDIUM v2 - 1.9 LOW
CVE-2016-4998
Summary: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary.
Published: 7/3/2016 5:59:17 PM
CVSS Severity: v3 - 7.1 HIGH v2 - 5.6 MEDIUM
CVE-2016-4997
Summary: The compat IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.
Published: 7/3/2016 5:59:16 PM
CVSS Severity: v3 - 7.8 HIGH v2 - 7.2 HIGH
CVE-2016-3955
Summary: The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.
Published: 7/3/2016 5:59:15 PM
CVSS Severity: v3 - 9.8 CRITICAL v2 - 10.0 HIGH
CVE-2016-2894
Summary: IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary accounts in opportunistic circumstances by leveraging previous use of a symlink during archive and retrieve actions.
Published: 7/3/2016 5:59:14 PM
CVE-2016-2863
Summary: Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Commerce 7.0 Feature Pack 8, 8.0.0.x before 8.0.0.10, and 8.0.1.x before 8.0.1.2 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Published: 7/3/2016 5:59:12 PM
CVSS Severity: v3 - 8.0 HIGH v2 - 6.0 MEDIUM
CVE-2016-2862
Summary: Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 before 7.0.0.9 cumulative iFix 3, and 8.0 before 8.0.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Published: 7/3/2016 5:59:11 PM
CVSS Severity: v3 - 6.1 MEDIUM v2 - 4.3 MEDIUM
CVE-2016-2074
Summary: Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.
Published: 7/3/2016 5:59:10 PM
CVE-2016-1704
Summary: Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Published: 7/3/2016 5:59:09 PM
CVSS Severity: v3 - 8.8 HIGH v2 - 6.8 MEDIUM
CVE-2016-1425
Summary: Cisco IOS 15.0(2)SG5, 15.1(2)SG3, 15.2(1)E, 15.3(3)S, and 15.4(1.13)S allows remote attackers to cause a denial of service (device crash) via a crafted LLDP packet, aka Bug ID CSCun66735.
Published: 7/3/2016 5:59:08 PM
CVSS Severity: v3 - 6.5 MEDIUM v2 - 6.1 MEDIUM
CVE-2016-1398
Summary: Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware through 1.2.1.4, RV130W devices with firmware through 1.0.2.7, and RV215W devices with firmware through 1.3.0.7 allows remote authenticated users to cause a denial of service (device reload) via a crafted HTTP request, aka Bug ID CSCux86669.
Published: 7/3/2016 5:59:07 PM
CVSS Severity: v3 - 6.5 MEDIUM v2 - 6.8 MEDIUM
CVE-2016-1337
Summary: Cisco EPC3928 devices allow remote attackers to obtain sensitive configuration and credential information by making requests during the early part of the boot process, related to a "Boot Information Disclosure" issue, aka Bug ID CSCux17178.
Published: 7/3/2016 5:59:06 PM
CVSS Severity: v3 - 8.1 HIGH v2 - 4.3 MEDIUM
CVE-2016-1336
Summary: goform/Docsis_system on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long LanguageSelect parameter, related to a "Gateway HTTP Corruption Denial of Service" issue, aka Bug ID CSCuy28100.
Published: 7/3/2016 5:59:05 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 7.8 HIGH
CVE-2016-1328
Summary: goform/WClientMACList on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long h_sortWireless parameter, related to a "Gateway Client List Denial of Service" issue, aka Bug ID CSCux24948.
Published: 7/3/2016 5:59:04 PM
CVSS Severity: v3 - 7.5 HIGH v2 - 7.8 HIGH