| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
5301 |
CVE-2016-9123 |
190 |
|
Overflow Bypass |
2017-03-27 |
2017-03-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. An integer overflow could lead to authentication bypass for CBC-HMAC encrypted ciphertexts on 32-bit architectures. |
|
5302 |
CVE-2016-9122 |
284 |
|
|
2017-03-27 |
2017-03-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
go-jose before 1.0.4 suffers from multiple signatures exploitation. The go-jose library supports messages with multiple signatures. However, when validating a signed message the API did not indicate which signature was valid, which could potentially lead to confusion. For example, users of the library might mistakenly read protected header values from an attached signature that was different from the one originally validated. |
|
5303 |
CVE-2016-9118 |
119 |
|
Overflow |
2016-10-30 |
2017-11-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2. |
|
5304 |
CVE-2016-9114 |
476 |
|
DoS |
2016-10-30 |
2017-10-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service. |
|
5305 |
CVE-2016-9113 |
476 |
|
DoS |
2016-10-30 |
2017-10-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service. |
|
5306 |
CVE-2016-9112 |
369 |
|
|
2016-10-29 |
2017-10-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2. |
|
5307 |
CVE-2016-9109 |
125 |
|
DoS |
2017-01-18 |
2017-01-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to incomplete escape sequences. NOTE: this vulnerability exists due to an incomplete fix for CVE-2016-7563. |
|
5308 |
CVE-2016-9108 |
190 |
|
DoS Overflow |
2017-02-03 |
2017-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression. |
|
5309 |
CVE-2016-9107 |
200 |
|
+Info |
2017-01-13 |
2017-01-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The OTR plugin for Gajim sends information in cleartext when using XHTML, which allows remote attackers to obtain sensitive information via unspecified vectors. |
|
5310 |
CVE-2016-9099 |
601 |
|
|
2017-05-11 |
2018-01-17 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to redirect the target user to a malicious web site. |
|
5311 |
CVE-2016-9079 |
416 |
|
|
2018-06-11 |
2018-08-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1. |
|
5312 |
CVE-2016-9073 |
264 |
|
Bypass |
2018-06-11 |
2018-07-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. This vulnerability affects Firefox < 50. |
|
5313 |
CVE-2016-9072 |
254 |
|
|
2018-06-11 |
2018-08-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox < 50. |
|
5314 |
CVE-2016-9071 |
254 |
|
|
2018-06-11 |
2018-07-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to verify whether a known site is within a user's browser history. This vulnerability affects Firefox < 50. |
|
5315 |
CVE-2016-9068 |
416 |
|
|
2018-06-11 |
2018-07-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50. |
|
5316 |
CVE-2016-9067 |
416 |
|
|
2018-06-11 |
2018-07-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50. |
|
5317 |
CVE-2016-9066 |
119 |
|
Overflow |
2018-06-11 |
2018-07-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. |
|
5318 |
CVE-2016-9065 |
20 |
|
|
2018-06-11 |
2018-07-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating of a fake location bar without any user notification. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50. |
|
5319 |
CVE-2016-9061 |
275 |
|
|
2018-06-11 |
2018-07-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50. |
|
5320 |
CVE-2016-9049 |
476 |
|
|
2017-02-21 |
2017-03-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this vulnerability. |
|
5321 |
CVE-2016-9036 |
125 |
|
DoS |
2016-12-23 |
2016-12-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An exploitable incorrect return value vulnerability exists in the mp_check function of Tarantool's Msgpuck library 1.0.3. A specially crafted packet can cause the mp_check function to incorrectly return success when trying to check if decoding a map16 packet will read outside the bounds of a buffer, resulting in a denial of service vulnerability. |
|
5322 |
CVE-2016-9028 |
254 |
|
|
2016-10-28 |
2017-07-28 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user via manipulation of Host header. |
|
5323 |
CVE-2016-9017 |
125 |
|
+Info |
2016-10-28 |
2016-11-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allows context-dependent attackers to obtain sensitive information by using the "opname in crafted JavaScript file" approach, related to an "Out-of-Bounds read" issue affecting the jsC_dumpfunction function in the jsdump.c component. |
|
5324 |
CVE-2016-9008 |
284 |
|
|
2017-02-01 |
2017-02-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
IBM UrbanCode Deploy could allow a malicious user to access the Agent Relay ActiveMQ Broker JMX interface and run plugins on the agent. |
|
5325 |
CVE-2016-8982 |
200 |
|
+Info |
2017-02-01 |
2017-07-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
IBM InfoSphere Information Server stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. |
|
5326 |
CVE-2016-8977 |
200 |
|
+Info |
2017-02-01 |
2017-02-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system. |
|
5327 |
CVE-2016-8964 |
254 |
|
|
2017-07-13 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 118853. |
|
5328 |
CVE-2016-8961 |
601 |
|
+Info |
2017-02-01 |
2017-02-13 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. |
|
5329 |
CVE-2016-8951 |
287 |
|
DoS |
2017-07-13 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to a denial of service attack. An attacker can exploit a vulnerability in the authentication features that could log out users and flood user accounts with emails. IBM X-Force ID: 118838. |
|
5330 |
CVE-2016-8947 |
601 |
|
+Info |
2017-07-12 |
2017-07-27 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 118834 |
|
5331 |
CVE-2016-8937 |
287 |
|
|
2017-10-05 |
2017-10-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too much information during authentication. An attacker could gain user or administrative access to the TSM server. IBM X-Force ID: 118750. |
|
5332 |
CVE-2016-8929 |
89 |
|
Sql |
2017-02-01 |
2017-02-07 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
|
IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. |
|
5333 |
CVE-2016-8867 |
264 |
|
Bypass |
2016-10-28 |
2017-07-27 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes. |
|
5334 |
CVE-2016-8864 |
20 |
|
DoS |
2016-11-02 |
2018-09-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c. |
|
5335 |
CVE-2016-8860 |
119 |
|
DoS Overflow |
2017-01-04 |
2017-06-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present, which allows remote attackers to cause a denial of service (client, hidden service, relay, or authority crash) via crafted data. |
|
5336 |
CVE-2016-8827 |
22 |
|
Dir. Trav. |
2016-12-16 |
2016-12-22 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
NVIDIA GeForce Experience 3.x before GFE 3.1.0.52 contains a vulnerability in NVIDIA Web Helper.exe where a local web API endpoint, /VisualOPS/v.1.0./, lacks proper access control and parameter validation, allowing for information disclosure via a directory traversal attack. |
|
5337 |
CVE-2016-8820 |
20 |
|
DoS |
2016-12-16 |
2016-12-23 |
5.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Complete |
|
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a check on a function return value is missing, potentially allowing an uninitialized value to be used as the source of a strcpy() call, leading to denial of service or information disclosure. |
|
5338 |
CVE-2016-8797 |
399 |
|
|
2017-04-02 |
2017-04-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V200R008C00, V200R007C00; S7700 with software V200R008C00, V200R007C00, V200R006C00; S9300 with software V200R008C00, V200R007C00, V200R006C00; and S9700 with software V200R008C00, V200R007C00, V200R006C00 allow remote attackers to send abnormal Multiprotocol Label Switching (MPLS) packets to cause memory exhaustion. |
|
5339 |
CVE-2016-8790 |
119 |
|
Overflow |
2017-04-02 |
2017-04-10 |
5.5 |
None |
Local Network |
Low |
Single system |
None |
None |
Complete |
|
Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot. |
|
5340 |
CVE-2016-8782 |
399 |
|
|
2018-03-09 |
2018-03-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices repeatedly. Due to improper validation of some specific fields of the packet, the LDP processing module does not release the memory, resulting in memory leak. |
|
5341 |
CVE-2016-8773 |
20 |
|
DoS |
2017-04-02 |
2017-04-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 with software V200R007C00, V200R008C00, V200R009C00; S9300 with software V200R007C00, V200R008C00, V200R009C00; S9700 with software V200R007C00, V200R008C00, V200R009C00; and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00 allow the attacker to cause a denial of service condition by sending malformed MPLS packets. |
|
5342 |
CVE-2016-8754 |
798 |
|
|
2017-04-02 |
2017-04-07 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Huawei OceanStor 5600 V3 V300R003C00 has a hardcoded SSH key vulnerability; the hardcoded keys are used to encrypt communication data and authenticate different nodes of the devices. An attacker may obtain the hardcoded keys and log in to such a device through SSH. |
|
5343 |
CVE-2016-8752 |
284 |
|
|
2017-08-29 |
2017-09-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img. |
|
5344 |
CVE-2016-8747 |
200 |
|
+Info |
2017-03-14 |
2018-06-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations. Http11InputBuffer.java allows remote attackers to read data that was intended to be associated with a different request. |
|
5345 |
CVE-2016-8745 |
388 |
|
+Info |
2017-08-10 |
2018-06-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn meant that the same Processor could be used for concurrent requests. Sharing a Processor can result in information leakage between requests including, not not limited to, session ID and the response body. The bug was first noticed in 8.5.x onwards where it appears the refactoring of the Connector code for 8.5.x onwards made it more likely that the bug was observed. Initially it was thought that the 8.5.x refactoring introduced the bug but further investigation has shown that the bug is present in all currently supported Tomcat versions. |
|
5346 |
CVE-2016-8743 |
19 |
|
Http R.Spl. |
2017-07-27 |
2018-04-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution. |
|
5347 |
CVE-2016-8741 |
200 |
|
+Info |
2017-05-15 |
2017-07-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256. |
|
5348 |
CVE-2016-8740 |
20 |
|
DoS |
2016-12-05 |
2018-04-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request. |
|
5349 |
CVE-2016-8727 |
200 |
|
+Info |
2017-04-13 |
2017-04-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker. |
|
5350 |
CVE-2016-8725 |
200 |
|
+Info |
2017-04-13 |
2017-04-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. Retrieving a specific URL without authentication can reveal sensitive information to an attacker. |
