Security Vulnerabilities, CVEs, Published In August 2016 CVSS score >= 9
CVE-2016-5675
Public exploit
handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter.
Max CVSS
10.0
EPSS Score
38.24%
Published
2016-08-31
Updated
2017-09-03
CVE-2016-5674
Public exploit
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter.
Max CVSS
10.0
EPSS Score
95.65%
Published
2016-08-31
Updated
2017-09-03
CVE-2016-4656
Known exploited
Public exploit
The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Max CVSS
9.3
EPSS Score
0.59%
Published
2016-08-25
Updated
2018-06-08
CISA KEV Added
2022-05-24
Buffer overflow in the handle_packet function in mactelnet.c in the client in MAC-Telnet 0.4.3 and earlier allows remote TELNET servers to execute arbitrary code via a long string in an MT_CPTYPE_PASSSALT control packet.
Max CVSS
9.8
EPSS Score
0.48%
Published
2016-08-30
Updated
2016-11-28
Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER.
Max CVSS
10.0
EPSS Score
96.19%
Published
2016-08-24
Updated
2019-05-22
Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via vectors related to memory permission.
Max CVSS
9.8
EPSS Score
0.36%
Published
2016-08-19
Updated
2016-08-23
Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.
Max CVSS
9.1
EPSS Score
5.38%
Published
2016-08-19
Updated
2019-03-04
SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin before 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote attackers to execute arbitrary SQL commands via the postids parameter to forumrunner/request.php, as exploited in the wild in July 2016.
Max CVSS
9.8
EPSS Score
0.28%
Published
2016-08-30
Updated
2017-08-21
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6192.
Max CVSS
9.3
EPSS Score
0.06%
Published
2016-08-02
Updated
2016-08-03
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6193.
Max CVSS
9.3
EPSS Score
0.05%
Published
2016-08-02
Updated
2016-08-03
Huawei NE40E and CX600 devices with software before V800R007SPH017; PTN 6900-2-M8 devices with software before V800R007SPH019; NE5000E devices with software before V800R006SPH018; and CloudEngine devices 12800 with software before V100R003SPH010 and V100R005 before V100R005SPH006 allow remote attackers with control plane access to cause a denial of service or execute arbitrary code via a crafted packet.
Max CVSS
9.8
EPSS Score
1.80%
Published
2016-08-02
Updated
2016-08-03
The multi-tenant database container feature in SAP HANA does not properly encrypt communications, which allows remote attackers to bypass intended access restrictions and possibly have unspecified other impact via unknown vectors, aka SAP Security Note 2233550.
Max CVSS
9.8
EPSS Score
1.28%
Published
2016-08-05
Updated
2016-11-28
An unspecified interface in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands with SIDadm privileges via unspecified vectors, aka SAP Security Note 2234226.
Max CVSS
10.0
EPSS Score
1.33%
Published
2016-08-05
Updated
2016-11-28
SAP TREX 7.10 Revision 63 allows remote attackers to write to arbitrary files via vectors related to RFC-Gateway, aka SAP Security Note 2203591.
Max CVSS
9.8
EPSS Score
1.40%
Published
2016-08-05
Updated
2016-11-28
SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
Max CVSS
9.8
EPSS Score
1.57%
Published
2016-08-05
Updated
2016-11-28
Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
Max CVSS
10.0
EPSS Score
1.60%
Published
2016-08-05
Updated
2016-11-28
SQL injection vulnerability in news pages in Cargotec Navis WebAccess before 2016-08-10 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
9.8
EPSS Score
0.11%
Published
2016-08-22
Updated
2016-08-22
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do not properly restrict authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
Max CVSS
10.0
EPSS Score
0.46%
Published
2016-08-24
Updated
2016-11-28
SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields.
Max CVSS
9.8
EPSS Score
0.45%
Published
2016-08-08
Updated
2016-11-28
php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object.
Max CVSS
9.8
EPSS Score
6.33%
Published
2016-08-07
Updated
2018-01-05
Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call.
Max CVSS
9.8
EPSS Score
1.65%
Published
2016-08-07
Updated
2022-07-20
spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data.
Max CVSS
9.8
EPSS Score
1.16%
Published
2016-08-07
Updated
2022-07-20
Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096.
Max CVSS
9.8
EPSS Score
2.86%
Published
2016-08-07
Updated
2022-07-20
Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value, related to the (1) mcrypt_generic and (2) mdecrypt_generic functions.
Max CVSS
9.8
EPSS Score
4.96%
Published
2016-08-07
Updated
2016-11-28
Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception.
Max CVSS
9.8
EPSS Score
10.54%
Published
2016-08-07
Updated
2018-01-05