2016 NATIONAL VULNERABILITY DATABASE CVE

2016 VULNERABILITY DATABASE

CVE-2016-0126

Summary: Microsoft Office 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

Published: 5/10/2016 9:59:02 PM

CVSS Severity: v3 - 7.8 HIGH v2 - 9.3 HIGH

CVE-2016-4561

Summary: Cross-site scripting (XSS) vulnerability in the cgierror function in CGI.pm in ikiwiki before 3.20160506 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving an error message.

Published: 5/10/2016 3:59:04 PM

CVSS Severity: v3 - 6.1 MEDIUM v2 - 4.3 MEDIUM

CVE-2016-4556

Summary: Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.

Published: 5/10/2016 3:59:03 PM

CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM

CVE-2016-4555

Summary: client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.

Published: 5/10/2016 3:59:02 PM

CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM

CVE-2016-4554

Summary: mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crated HTTP Host header, aka a "header smuggling" issue.

Published: 5/10/2016 3:59:01 PM

CVSS Severity: v3 - 8.6 HIGH v2 - 5.0 MEDIUM

CVE-2016-4553

Summary: client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.

Published: 5/10/2016 3:59:00 PM

CVSS Severity: v3 - 8.6 HIGH v2 - 5.0 MEDIUM

CVE-2016-4350

Summary: Multiple SQL injection vulnerabilities in the Web Services web server in SolarWinds Storage Resource Monitor (SRM) Profiler (formerly Storage Manager (STM)) before 6.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) ScriptSchedule parameter in the ScriptServlet servlet; the (2) winEventId or (3) winEventLog parameter in the WindowsEventLogsServlet servlet; the (4) processOS parameter in the ProcessesServlet servlet; the (5) group, (6) groupName, or (7) clientName parameter in the BackupExceptionsServlet servlet; the (8) valDB or (9) valFS parameter in the BackupAssociationServlet servlet; the (10) orderBy or (11) orderDir parameter in the HostStorageServlet servlet; the (12) fileName, (13) sortField, or (14) sortDirection parameter in the DuplicateFilesServlet servlet; the (15) orderFld or (16) orderDir parameter in the QuantumMonitorServlet servlet; the (17) exitCode parameter in the NbuErrorMessageServlet servlet; the (18) udfName, (19) displayName, (20) udfDescription, (21) udfDataValue, (22) udfSectionName, or (23) udfId parameter in the UserDefinedFieldConfigServlet servlet; the (24) sortField or (25) sortDirection parameter in the XiotechMonitorServlet servlet; the (26) sortField or (27) sortDirection parameter in the BexDriveUsageSummaryServlet servlet; the (28) state parameter in the ScriptServlet servlet; the (29) assignedNames parameter in the FileActionAssignmentServlet servlet; the (30) winEventSource parameter in the WindowsEventLogsServlet servlet; or the (31) name, (32) ipOne, (33) ipTwo, or (34) ipThree parameter in the XiotechMonitorServlet servlet.

Published: 5/9/2016 4:59:04 PM

CVSS Severity: v3 - 9.8 CRITICAL v2 - 10.0 HIGH

CVE-2016-3105

Summary: The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name.

Published: 5/9/2016 4:59:03 PM

CVSS Severity: v3 - 8.8 HIGH v2 - 6.8 MEDIUM

CVE-2015-5208

Summary: Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link.

Published: 5/9/2016 4:59:02 PM

CVSS Severity: v3 - 4.4 MEDIUM v2 - 4.3 MEDIUM

CVE-2015-5207

Summary: Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL whitelist protection mechanism in an app and load arbitrary resources by leveraging unspecified methods.

Published: 5/9/2016 4:59:00 PM

CVSS Severity: v3 - 5.3 MEDIUM v2 - 7.5 HIGH

CVE-2016-4477

Summary: wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.

Published: 5/9/2016 6:59:42 AM

CVSS Severity: v3 - 7.8 HIGH v2 - 4.4 MEDIUM

CVE-2016-4476

Summary: hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.

Published: 5/9/2016 6:59:41 AM

CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM

CVE-2016-2462

Summary: OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bug 27371173.

Published: 5/9/2016 6:59:40 AM

CVSS Severity: v3 - 7.0 HIGH v2 - 7.6 HIGH

CVE-2016-2461

Summary: OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bugs 27324690 and 27696681.

Published: 5/9/2016 6:59:39 AM

CVSS Severity: v3 - 7.0 HIGH v2 - 7.6 HIGH

CVE-2016-2460

Summary: mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGraphicBufferConsumer.cpp and IGraphicBufferProducer.cpp, aka internal bug 27555981.

Published: 5/9/2016 6:59:38 AM

CVSS Severity: v3 - 5.5 MEDIUM v2 - 4.3 MEDIUM

CVE-2016-2459

Published: 5/9/2016 6:59:37 AM

CVSS Severity: v3 - 5.5 MEDIUM v2 - 4.3 MEDIUM

CVE-2016-2458

Summary: The compose functionality in AOSP Mail in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly restrict attachments, which allows attackers to obtain sensitive information via a crafted application, related to ComposeActivity.java and ComposeActivityEmail.java, aka internal bug 27335139.

Published: 5/9/2016 6:59:36 AM

CVSS Severity: v3 - 5.5 MEDIUM v2 - 4.3 MEDIUM

CVE-2016-2457

Summary: server/pm/UserManagerService.java in Wi-Fi in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to bypass intended restrictions on Wi-Fi configuration changes by leveraging guest access, aka internal bug 27411179.

Published: 5/9/2016 6:59:34 AM

CVSS Severity: v3 - 5.5 MEDIUM v2 - 2.1 LOW

CVE-2016-2456

Summary: The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27275187.

Published: 5/9/2016 6:59:33 AM

CVSS Severity: v3 - 7.0 HIGH v2 - 5.1 MEDIUM

CVE-2016-2454

Summary: The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service (reboot) via a crafted file, aka internal bug 26221024.

Published: 5/9/2016 6:59:32 AM

CVSS Severity: v3 - 5.5 MEDIUM v2 - 7.1 HIGH

<<< New Older >>>