CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-8279 284 DoS 2016-09-26 2016-09-28
7.1
None Remote Medium Not required None None Complete
The video driver in Huawei Mate S smartphones with software CRR-TL00 before CRR-TL00C01B362, CRR-UL20 before CRR-UL20C00B362, CRR-CL00 before CRR-CL00C92B362, and CRR-CL20 before CRR-CL20C92B362; P8 smartphones with software GRA-TL00 before GRA-TL00C01B366, GRA-UL00 before GRA-UL00C00B366, GRA-UL10 before GRA-UL10C00B366, and GRA-CL00 before GRA-CL00C92B366; and Honor 6 and Honor 6 Plus smartphones with software before 6.9.16 allows attackers to cause a denial of service (device reboot) via a crafted application.
2 CVE-2016-7568 190 DoS Overflow 2016-09-28 2016-09-29
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.
3 CVE-2016-7417 20 DoS 2016-09-17 2016-09-19
7.5
None Remote Low Not required Partial Partial Partial
ext/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray unserialization without validating a return value and data type, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data.
4 CVE-2016-7415 119 DoS Overflow 2016-09-17 2016-09-19
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.
5 CVE-2016-7414 119 DoS Overflow 2016-09-17 2016-09-19
7.5
None Remote Low Not required Partial Partial Partial
The ZIP signature-verification feature in PHP before 5.6.26 and 7.x before 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a crafted PHAR archive, related to ext/phar/util.c and ext/phar/zip.c.
6 CVE-2016-7413 416 DoS 2016-09-17 2016-09-19
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field element, leading to mishandling in a wddx_deserialize call.
7 CVE-2016-7411 119 DoS Overflow Mem. Corr. 2016-09-17 2016-09-19
7.5
None Remote Low Not required Partial Partial Partial
ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object.
8 CVE-2016-7154 416 DoS Exec Code +Info 2016-09-21 2016-09-22
7.2
None Local Low Not required Complete Complete Complete
Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain sensitive information via an invalid guest frame number.
9 CVE-2016-7134 119 DoS Overflow 2016-09-11 2016-09-12
7.5
None Remote Low Not required Partial Partial Partial
ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow, which allows remote attackers to cause a denial of service (allocation error and heap-based buffer overflow) or possibly have unspecified other impact via a long string that is mishandled in a curl_escape call.
10 CVE-2016-7129 20 DoS 2016-09-11 2016-09-12
7.5
None Remote Low Not required Partial Partial Partial
The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddx_deserialize call that mishandles a dateTime element in a wddxPacket XML document.
11 CVE-2016-7127 787 DoS 2016-09-11 2016-09-12
7.5
None Remote Low Not required Partial Partial Partial
The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments.
12 CVE-2016-7126 787 DoS 2016-09-11 2016-09-12
7.5
None Remote Low Not required Partial Partial Partial
The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument.
13 CVE-2016-7124 502 DoS 2016-09-11 2016-09-12
7.5
None Remote Low Not required Partial Partial Partial
ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call.
14 CVE-2016-7115 119 Exec Code Overflow 2016-08-30 2016-08-31
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the handle_packet function in mactelnet.c in the client in MAC-Telnet 0.4.3 and earlier allows remote TELNET servers to execute arbitrary code via a long string in an MT_CPTYPE_PASSSALT control packet.
15 CVE-2016-7113 399 DoS 2016-09-05 2016-09-06
7.8
None Remote Low Not required None None Complete
The EN100 Ethernet module before 4.29 for Siemens SIPROTEC 4 and SIPROTEC Compact devices allows remote attackers to cause a denial of service (defect-mode transition) via crafted HTTP packets.
16 CVE-2016-7093 264 +Priv 2016-09-21 2016-09-21
7.2
None Local Low Not required Complete Complete Complete
Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation.
17 CVE-2016-7089 264 Exec Code +Priv 2016-08-24 2016-08-25
7.2
None Local Low Not required Complete Complete Complete
WatchGuard RapidStream appliances allow local users to gain privileges and execute arbitrary commands via a crafted ifconfig command, aka ESCALATEPLOWMAN.
18 CVE-2016-6826 284 DoS 2016-09-26 2016-09-28
7.1
None Remote Medium Not required None None Complete
Huawei AnyMail before 2.6.0301.0060 allows remote attackers to cause a denial of service (application crash) via a crafted compressed email attachment.
19 CVE-2016-6669 119 Exec Code Overflow 2016-09-22 2016-09-22
7.1
None Remote High Single system Complete Complete Complete
Buffer overflow in the Authentication, Authorization and Accounting (AAA) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet.
20 CVE-2016-6531 255 2016-09-24 2016-09-28
7.5
None Remote Low Not required Partial Partial Partial
** DISPUTED ** Open Dental 16.1 and earlier has a hardcoded MySQL root password, which allows remote attackers to obtain administrative access by leveraging access to intranet TCP port 3306. NOTE: the vendor disputes this issue, stating that the "vulnerability note ... is factually false ... there is indeed a default blank password, but it can be changed ... We recommend that users change it, each customer receives direction."
21 CVE-2016-6525 119 DoS Exec Code Overflow 2016-09-22 2016-09-22
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array.
22 CVE-2016-6515 20 DoS 2016-08-07 2016-08-23
7.8
None Remote Low Not required None None Complete
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
23 CVE-2016-6493 254 2016-08-19 2016-08-23
7.5
None Remote Low Not required Partial Partial Partial
Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via vectors related to memory permission.
24 CVE-2016-6486 264 +Priv 2016-08-07 2016-08-10
7.2
None Local Low Not required Complete Complete Complete
Siemens SINEMA Server uses weak permissions for the application folder, which allows local users to gain privileges via unspecified vectors.
25 CVE-2016-6414 78 Exec Code 2016-09-22 2016-09-23
7.2
None Local Low Not required Complete Complete Complete
iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 and earlier, allows local users to execute arbitrary IOx Linux commands on the guest OS via crafted iox command-line options, aka Bug ID CSCuz59223.
26 CVE-2016-6402 264 2016-09-18 2016-09-19
7.2
None Local Low Not required Complete Complete Complete
UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263.
27 CVE-2016-6399 20 DoS 2016-09-12 2016-09-12
7.8
None Remote Low Not required None None Complete
Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE 4700 Application Control Engine appliances through A5 3.3 allow remote attackers to cause a denial of service (device reload) via crafted (1) SSL or (2) TLS packets, aka Bug ID CSCvb16317.
28 CVE-2016-6374 20 Exec Code 2016-09-22 2016-09-23
7.5
None Remote Low Not required Partial Partial Partial
Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote attackers to execute arbitrary code via a crafted dnslookup command in an HTTP request, aka Bug ID CSCuz89093.
29 CVE-2016-6369 264 +Priv 2016-08-25 2016-08-26
7.2
None Local Low Not required Complete Complete Complete
Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464.
30 CVE-2016-6362 264 +Priv 2016-08-22 2016-08-22
7.2
None Local Low Not required Complete Complete Complete
Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725.
31 CVE-2016-6355 399 DoS 2016-08-22 2016-08-23
7.8
None Remote Low Not required None None Complete
Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, and 5.3.x through 5.3.2 on ASR 9001 devices allows remote attackers to cause a denial of service (control-plane protocol outage) via crafted fragmented packets, aka Bug ID CSCux26791.
32 CVE-2016-6354 119 DoS Exec Code Overflow 2016-09-21 2016-09-22
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.
33 CVE-2016-6351 787 DoS Exec Code 2016-09-07 2016-09-08
7.2
None Local Low Not required Complete Complete Complete
The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), when built with ESP/NCR53C9x controller emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the QEMU host via vectors involving DMA read into ESP command buffer.
34 CVE-2016-6322 264 2016-09-22 2016-09-22
7.2
None Local Low Not required Complete Complete Complete
Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file.
35 CVE-2016-6318 119 DoS Overflow +Priv 2016-09-07 2016-09-08
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.
36 CVE-2016-6308 399 DoS 2016-09-26 2016-09-27
7.1
None Remote Medium Not required None None Complete
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages.
37 CVE-2016-6304 399 DoS 2016-09-26 2016-09-27
7.8
None Remote Low Not required None None Complete
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.
38 CVE-2016-6303 787 DoS Overflow 2016-09-16 2016-09-16
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
39 CVE-2016-6296 119 DoS Overflow 2016-07-25 2016-09-26
7.5
None Remote Low Not required Partial Partial Partial
Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function.
40 CVE-2016-6295 416 DoS 2016-07-25 2016-09-26
7.5
None Remote Low Not required Partial Partial Partial
ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via crafted serialized data, a related issue to CVE-2016-5773.
41 CVE-2016-6294 125 DoS 2016-07-25 2016-09-26
7.5
None Remote Low Not required Partial Partial Partial
The locale_accept_from_http function in ext/intl/locale/locale_methods.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument.
42 CVE-2016-6293 119 DoS Overflow 2016-07-25 2016-08-04
7.5
None Remote Low Not required Partial Partial Partial
The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.
43 CVE-2016-6291 119 DoS Overflow Mem. Corr. +Info 2016-07-25 2016-09-26
7.5
None Remote Low Not required Partial Partial Partial
The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds array access and memory corruption), obtain sensitive information from process memory, or possibly have unspecified other impact via a crafted JPEG image.
44 CVE-2016-6290 416 DoS 2016-07-25 2016-09-26
7.5
None Remote Low Not required Partial Partial Partial
ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to session deserialization.
45 CVE-2016-6288 119 DoS Overflow 2016-07-25 2016-09-26
7.5
None Remote Low Not required Partial Partial Partial
The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via vectors involving the smart_str data type.
46 CVE-2016-6276 264 +Priv 2016-09-26 2016-09-27
7.2
None Local Low Not required Complete Complete Complete
Citrix Linux Virtual Delivery Agent (aka VDA, formerly Linux Virtual Desktop) before 1.4.0 allows local users to gain root privileges via unspecified vectors.
47 CVE-2016-6258 284 +Priv 2016-08-02 2016-09-09
7.2
User Local Low Not required Complete Complete Complete
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
48 CVE-2016-6250 190 DoS Exec Code Overflow 2016-09-21 2016-09-28
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow.
49 CVE-2016-6195 89 Exec Code Sql 2016-08-30 2016-08-31
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin before 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote attackers to execute arbitrary SQL commands via the postids parameter to forumrunner/request.php, as exploited in the wild in July 2016.
50 CVE-2016-6187 119 Overflow +Priv 2016-08-06 2016-08-11
7.2
None Local Low Not required Complete Complete Complete
The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook.
Total number of vulnerabilities : 19751   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.