CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities (CVSS score between 6 and 6.99)

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
7701 CVE-2016-4563 119 DoS Overflow 2016-06-04 2016-09-22
6.8
None Remote Medium Not required Partial Partial Partial
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
7702 CVE-2016-4562 119 DoS Overflow 2016-06-04 2016-09-22
6.8
None Remote Medium Not required Partial Partial Partial
The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
7703 CVE-2016-4558 DoS 2016-05-23 2016-08-02
6.9
None Local Medium Not required Complete Complete Complete
The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted application on (1) a system with more than 32 Gb of memory, related to the program reference count or (2) a 1 Tb system, related to the map reference count.
7704 CVE-2016-4533 119 Exec Code Overflow 2016-07-11 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file.
7705 CVE-2016-4532 22 Dir. Trav. 2016-06-09 2016-11-28
6.4
None Remote Low Not required Partial Partial None
Directory traversal vulnerability in the WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to read arbitrary files via a crafted pathname.
7706 CVE-2016-4526 427 +Priv 2016-09-18 2016-11-28
6.9
None Local Medium Not required Complete Complete Complete
ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory.
7707 CVE-2016-4510 287 Bypass 2016-06-09 2016-11-28
6.4
None Remote Low Not required Partial Partial None
The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to bypass authentication and read arbitrary files via unspecified vectors.
7708 CVE-2016-4509 119 Exec Code Overflow 2016-07-03 2016-11-28
6.0
None Remote Medium Single system Partial Partial Partial
Heap-based buffer overflow in elcsoft.exe in Eaton ELCSoft 2.4.01 and earlier allows remote authenticated users to execute arbitrary code via a crafted file.
7709 CVE-2016-4506 352 CSRF 2016-05-30 2016-06-07
6.0
None Remote Medium Single system Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability on Resource Data Management (RDM) Intuitive 650 TDB Controller devices before 2.1.24 allows remote authenticated users to hijack the authentication of arbitrary users.
7710 CVE-2016-4504 352 CSRF 2017-03-21 2017-03-24
6.8
None Remote Medium Not required Partial Partial Partial
A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function.
7711 CVE-2016-4501 284 Bypass 2016-05-30 2016-06-07
6.4
None Remote Low Not required Partial Partial None
Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier mishandles sessions, which allows remote attackers to bypass authentication and make arbitrary configuration changes via unspecified vectors.
7712 CVE-2016-4498 20 DoS 2016-05-11 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors.
7713 CVE-2016-4497 20 DoS 2016-05-11 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
7714 CVE-2016-4494 352 CSRF 2016-06-09 2016-06-10
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability on KMC Controls BAC-5051E devices with firmware before E0.2.0.2 allows remote attackers to hijack the authentication of unspecified victims for requests that disclose the contents of a configuration file.
7715 CVE-2016-4475 254 Bypass 2016-08-19 2018-01-04
6.5
None Remote Low Single system Partial Partial Partial
The (1) Organization and (2) Locations APIs and UIs in Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3 allow remote authenticated users to bypass organization and location restrictions and (a) read, (b) edit, or (c) delete arbitrary organizations or locations via unspecified vectors.
7716 CVE-2016-4472 119 DoS Exec Code Overflow 2016-06-30 2017-11-02
6.8
None Remote Medium Not required Partial Partial Partial
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.
7717 CVE-2016-4471 264 Exec Code 2017-06-08 2017-06-15
6.5
None Remote Low Single system Partial Partial Partial
ManageIQ in CloudForms before 4.1 allows remote authenticated users to execute arbitrary code.
7718 CVE-2016-4469 352 CSRF 2016-07-28 2019-04-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repository proxy connectors via the token parameter to admin/addProxyConnector_commit.action, (2) new repositories via the token parameter to admin/addRepository_commit.action, (3) edit existing repositories via the token parameter to admin/editRepository_commit.action, (4) add legacy artifact paths via the token parameter to admin/addLegacyArtifactPath_commit.action, (5) change the organizational appearance via the token parameter to admin/saveAppearance.action, or (6) upload new artifacts via the token parameter to upload_submit.action.
7719 CVE-2016-4468 89 Exec Code Sql 2017-04-11 2017-04-17
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; UAA 2.x before 2.7.4.4, 3.x before 3.3.0.2, and 3.4.x before 3.4.1; UAA BOSH before 11.2 and 12.x before 12.2; Elastic Runtime before 1.6.29 and 1.7.x before 1.7.7; and Ops Manager 1.7.x before 1.7.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
7720 CVE-2016-4462 20 Exec Code 2017-08-30 2017-09-12
6.5
None Remote Low Single system Partial Partial Partial
By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution. Mitigation: Upgrade to Apache OFBiz 16.11.01
7721 CVE-2016-4451 254 Bypass 2016-08-19 2018-02-22
6.0
None Remote Medium Single system Partial Partial Partial
The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 and 1.12.x before 1.12.0-RC1 allow remote authenticated users with unlimited filters to bypass organization and location restrictions and read or modify data for an arbitrary organization by leveraging knowledge of the id of that organization.
7722 CVE-2016-4446 77 Exec Code 2017-04-11 2017-04-17
6.9
None Local Medium Not required Complete Complete Complete
The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.
7723 CVE-2016-4445 77 Exec Code 2017-04-11 2017-04-17
6.9
None Local Medium Not required Complete Complete Complete
The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.
7724 CVE-2016-4444 77 Exec Code 2017-04-11 2017-04-17
6.9
None Local Medium Not required Complete Complete Complete
The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.
7725 CVE-2016-4437 284 Exec Code Bypass 2016-06-07 2018-10-09
6.8
None Remote Medium Not required Partial Partial Partial
Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter.
7726 CVE-2016-4435 264 DoS 2017-05-25 2017-10-02
6.8
None Remote Medium Not required Partial Partial Partial
An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID.
7727 CVE-2016-4434 611 2017-09-29 2018-10-09
6.8
None Remote Medium Not required Partial Partial Partial
Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity (XXE) attacks via vectors involving (1) spreadsheets in OOXML files and (2) XMP metadata in PDF and other file formats, a related issue to CVE-2016-2175.
7728 CVE-2016-4430 352 CSRF 2016-07-04 2017-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.
7729 CVE-2016-4405 502 Exec Code 2018-08-06 2018-10-05
6.5
None Remote Low Single system Partial Partial Partial
A remote code execution vulnerability was identified in HP Business Service Management (BSM) using Apache Commons Collection Java Deserialization versions v9.20-v9.26
7730 CVE-2016-4398 502 Exec Code 2018-08-06 2018-10-05
6.5
None Remote Low Single system Partial Partial Partial
A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10 using Java Deserialization.
7731 CVE-2016-4390 Exec Code 2016-10-05 2017-07-29
6.8
None Remote Medium Not required Partial Partial Partial
The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4388, and CVE-2016-4389.
7732 CVE-2016-4389 Exec Code 2016-10-05 2017-07-29
6.8
None Remote Medium Not required Partial Partial Partial
The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4388, and CVE-2016-4390.
7733 CVE-2016-4388 Exec Code 2016-10-05 2017-07-29
6.8
None Remote Medium Not required Partial Partial Partial
The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4389, and CVE-2016-4390.
7734 CVE-2016-4387 Exec Code 2016-10-05 2017-07-29
6.8
None Remote Medium Not required Partial Partial Partial
The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4388, CVE-2016-4389, and CVE-2016-4390.
7735 CVE-2016-4386 2016-09-29 2017-07-29
6.9
None Local Medium Not required Complete Complete Complete
HPE Network Automation Software 10.10 allows local users to write to arbitrary files via unspecified vectors.
7736 CVE-2016-4382 264 Bypass 2016-09-20 2017-08-12
6.0
None Remote Medium Single system Partial Partial Partial
HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure" issue.
7737 CVE-2016-4371 352 +Info 2016-06-18 2016-12-15
6.0
None Remote Medium Single system Partial Partial Partial
HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components.
7738 CVE-2016-4370 Exec Code +Info 2016-06-09 2016-06-10
6.5
None Remote Low Single system Partial Partial Partial
HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before 9.32.0002 allows remote authenticated users to execute arbitrary commands or obtain sensitive information via unspecified vectors.
7739 CVE-2016-4369 284 Exec Code 2016-06-08 2016-08-23
6.5
None Remote Low Single system Partial Partial Partial
HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
7740 CVE-2016-4360 2016-06-08 2017-11-02
6.4
None Remote Low Not required None Partial Partial
web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555.
7741 CVE-2016-4343 DoS 2016-05-21 2018-01-04
6.8
None Remote Medium Not required Partial Partial Partial
The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archive.
7742 CVE-2016-4340 264 2017-01-23 2017-01-25
6.5
None Remote Low Single system Partial Partial Partial
The impersonate feature in Gitlab 8.7.0, 8.6.0 through 8.6.7, 8.5.0 through 8.5.11, 8.4.0 through 8.4.9, 8.3.0 through 8.3.8, and 8.2.0 through 8.2.4 allows remote authenticated users to "log in" as any other user via unspecified vectors.
7743 CVE-2016-4338 89 Exec Code Sql 2017-01-23 2018-10-09
6.8
None Remote Medium Not required Partial Partial Partial
The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash, allows context-dependent attackers to execute arbitrary code or SQL commands via the mysql.size parameter.
7744 CVE-2016-4335 119 Exec Code Overflow 2017-01-06 2017-01-10
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable buffer overflow exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a stack based buffer overflow resulting in remote code execution.
7745 CVE-2016-4333 119 Overflow 2016-11-18 2017-11-03
6.9
None Local Medium Not required Complete Complete Complete
The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the array when initializing it.
7746 CVE-2016-4332 20 Exec Code 2016-11-18 2017-11-03
6.9
None Local Medium Not required Complete Complete Complete
The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library.
7747 CVE-2016-4331 787 Exec Code 2016-11-18 2017-11-03
6.9
None Local Medium Not required Complete Complete Complete
When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution.
7748 CVE-2016-4330 119 Exec Code Overflow 2016-11-18 2017-11-03
6.9
None Local Medium Not required Complete Complete Complete
In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution.
7749 CVE-2016-4324 20 Exec Code 2016-07-08 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens.
7750 CVE-2016-4319 352 CSRF 2017-04-09 2018-02-15
6.8
None Remote Medium Not required Partial Partial Partial
Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings.
CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.