# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
28451 |
CVE-2016-8781 |
399 |
|
|
2017-04-02 |
2017-04-05 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
Huawei Secospace USG6300 with software V500R001C20 and V500R001C20SPC200PWE, Secospace USG6500 with software V500R001C20, Secospace USG6600 with software V500R001C20 and V500R001C20SPC200PWE allow remote attackers with specific permission to log in to a device and deliver a large number of unspecified commands to exhaust memory, causing a DoS condition. |
28452 |
CVE-2016-8780 |
400 |
|
|
2017-04-02 |
2017-04-05 |
6.8 |
None |
Remote |
Low |
Single system |
None |
None |
Complete |
Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition. |
28453 |
CVE-2016-8779 |
|
|
+Info |
2017-04-02 |
2017-04-05 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
Huawei FusionAccess with software V100R005C10 and V100R005C20 could allow remote attackers with specific permission to inject a Lightweight Directory Access Protocol (LDAP) operation command into a specific input variable to obtain sensitive information from the database. |
28454 |
CVE-2016-8776 |
285 |
|
Bypass |
2017-04-02 |
2017-04-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account. |
28455 |
CVE-2016-8773 |
20 |
|
DoS |
2017-04-02 |
2017-04-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 with software V200R007C00, V200R008C00, V200R009C00; S9300 with software V200R007C00, V200R008C00, V200R009C00; S9700 with software V200R007C00, V200R008C00, V200R009C00; and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00 allow the attacker to cause a denial of service condition by sending malformed MPLS packets. |
28456 |
CVE-2016-8764 |
20 |
|
|
2017-04-02 |
2017-04-07 |
4.1 |
None |
Local |
Medium |
Single system |
Partial |
Partial |
Partial |
The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver. |
28457 |
CVE-2016-8762 |
20 |
|
|
2017-04-02 |
2017-04-07 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to cause the system to restart. |
28458 |
CVE-2016-8757 |
200 |
|
+Info |
2017-04-02 |
2019-05-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
ION memory management module in Huawei P9 phones with software EVA-AL10C00B192 and earlier versions, EVA-DL10C00B192 and earlier versions, EVA-TL10C00B192 and earlier versions, EVA-CL10C00B192 and earlier versions allows attackers to obtain sensitive information from uninitialized memory. |
28459 |
CVE-2016-8754 |
798 |
|
|
2017-04-02 |
2017-04-07 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
Huawei OceanStor 5600 V3 V300R003C00 has a hardcoded SSH key vulnerability; the hardcoded keys are used to encrypt communication data and authenticate different nodes of the devices. An attacker may obtain the hardcoded keys and log in to such a device through SSH. |
28460 |
CVE-2016-8752 |
284 |
|
|
2017-08-29 |
2017-09-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img. |
28461 |
CVE-2016-8751 |
79 |
|
Exec Code XSS |
2017-06-14 |
2017-06-19 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
Apache Ranger before 0.6.is vulnerable to a Stored Cross-Site Scripting in when entering custom policy conditions. Admin users can store some arbitrary javascript code to be executed when normal users login and access policies. |
28462 |
CVE-2016-8750 |
90 |
|
DoS |
2018-02-19 |
2019-04-26 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service. |
28463 |
CVE-2016-8748 |
79 |
|
XSS |
2017-10-19 |
2019-05-01 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
In Apache NiFi before 1.0.1 and 1.1.x before 1.1.1, there is a cross-site scripting vulnerability in connection details dialog when accessed by an authorized user. The user supplied text was not being properly handled when added to the DOM. |
28464 |
CVE-2016-8747 |
200 |
|
+Info |
2017-03-14 |
2019-04-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations. Http11InputBuffer.java allows remote attackers to read data that was intended to be associated with a different request. |
28465 |
CVE-2016-8746 |
426 |
|
|
2017-06-14 |
2017-06-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true. |
28466 |
CVE-2016-8745 |
388 |
|
+Info |
2017-08-10 |
2019-04-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn meant that the same Processor could be used for concurrent requests. Sharing a Processor can result in information leakage between requests including, not not limited to, session ID and the response body. The bug was first noticed in 8.5.x onwards where it appears the refactoring of the Connector code for 8.5.x onwards made it more likely that the bug was observed. Initially it was thought that the 8.5.x refactoring introduced the bug but further investigation has shown that the bug is present in all currently supported Tomcat versions. |
28467 |
CVE-2016-8743 |
19 |
|
Http R.Spl. |
2017-07-27 |
2018-04-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution. |
28468 |
CVE-2016-8741 |
200 |
|
+Info |
2017-05-15 |
2017-07-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256. |
28469 |
CVE-2016-8740 |
20 |
|
DoS |
2016-12-05 |
2018-04-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request. |
28470 |
CVE-2016-8738 |
20 |
|
|
2017-09-20 |
2018-06-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In Apache Struts 2.5 through 2.5.5, if an application allows entering a URL in a form field and the built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. |
28471 |
CVE-2016-8737 |
352 |
|
Exec Code CSRF |
2017-09-13 |
2017-09-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site request forgery (CSRF), which could permit a malicious web site to produce a link which, if clicked whilst a user is logged in to Brooklyn, would cause the server to execute the attacker's commands as the user. There is known to be a proof-of-concept exploit using this vulnerability. |
28472 |
CVE-2016-8734 |
400 |
|
|
2017-10-16 |
2017-11-07 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory. |
28473 |
CVE-2016-8732 |
275 |
|
|
2018-04-24 |
2018-06-13 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Multiple security flaws exists in InvProtectDrv.sys which is a part of Invincea Dell Protected Workspace 5.1.1-22303. Weak restrictions on the driver communication channel and additional insufficient checks allow any application to turn off some of the protection mechanisms provided by the Invincea product. |
28474 |
CVE-2016-8730 |
787 |
|
Exec Code Mem. Corr. |
2018-04-24 |
2018-06-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the victim a specific GIF file to trigger this vulnerability. |
28475 |
CVE-2016-8729 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-04-24 |
2018-06-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability. |
28476 |
CVE-2016-8728 |
787 |
|
Exec Code Mem. Corr. |
2018-04-24 |
2018-06-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability. |
28477 |
CVE-2016-8727 |
200 |
|
+Info |
2017-04-13 |
2017-04-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker. |
28478 |
CVE-2016-8725 |
200 |
|
+Info |
2017-04-13 |
2017-04-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. Retrieving a specific URL without authentication can reveal sensitive information to an attacker. |
28479 |
CVE-2016-8724 |
200 |
|
+Info |
2017-04-13 |
2017-04-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted TCP query will allow an attacker to retrieve potentially sensitive information. |
28480 |
CVE-2016-8722 |
200 |
|
+Info |
2017-04-13 |
2017-04-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without authentication can reveal sensitive information to an attacker. |
28481 |
CVE-2016-8720 |
74 |
|
|
2017-04-13 |
2017-04-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted HTTP request can inject a payload in the bkpath parameter which will be copied in to Location header of the HTTP response. |
28482 |
CVE-2016-8719 |
79 |
|
XSS |
2017-04-12 |
2017-04-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Specially crafted input, in multiple parameters, can cause a malicious scripts to be executed by a victim. |
28483 |
CVE-2016-8718 |
352 |
|
CSRF |
2017-04-12 |
2017-04-20 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an authentic request. |
28484 |
CVE-2016-8716 |
640 |
|
|
2017-04-12 |
2017-04-20 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials. |
28485 |
CVE-2016-8715 |
119 |
|
Exec Code Overflow |
2017-02-28 |
2017-03-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An exploitable heap corruption vulnerability exists in the loadTrailer functionality of Iceni Argus version 6.6.05. A specially crafted PDF file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide a malicious PDF file to trigger this vulnerability. |
28486 |
CVE-2016-8714 |
119 |
|
Overflow Mem. Corr. |
2017-03-10 |
2017-11-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this vulnerability. |
28487 |
CVE-2016-8713 |
787 |
|
Mem. Corr. |
2017-02-10 |
2017-02-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10.5.9.9. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this vulnerability. |
28488 |
CVE-2016-8712 |
613 |
|
|
2017-04-13 |
2017-04-20 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds. |
28489 |
CVE-2016-8711 |
20 |
|
Exec Code |
2017-02-10 |
2017-02-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A potential remote code execution vulnerability exists in the PDF parsing functionality of Nitro Pro 10. A specially crafted PDF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific PDF file to trigger this vulnerability. |
28490 |
CVE-2016-8710 |
787 |
|
Exec Code |
2017-01-26 |
2018-10-17 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggered via attempting to decode a crafted BPG image using Libbpg. |
28491 |
CVE-2016-8709 |
119 |
|
Overflow Mem. Corr. |
2017-02-10 |
2017-02-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this vulnerability. |
28492 |
CVE-2016-8707 |
787 |
|
Exec Code |
2016-12-23 |
2017-11-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality. |
28493 |
CVE-2016-8706 |
190 |
|
Exec Code Overflow |
2017-01-06 |
2017-07-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. |
28494 |
CVE-2016-8703 |
119 |
|
Overflow |
2017-01-31 |
2017-02-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8702. |
28495 |
CVE-2016-8702 |
119 |
|
Overflow |
2017-01-31 |
2017-02-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8703. |
28496 |
CVE-2016-8701 |
119 |
|
Overflow |
2017-01-31 |
2017-02-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8702, and CVE-2016-8703. |
28497 |
CVE-2016-8700 |
119 |
|
Overflow |
2017-01-31 |
2017-02-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703. |
28498 |
CVE-2016-8699 |
119 |
|
Overflow |
2017-01-31 |
2017-02-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703. |
28499 |
CVE-2016-8698 |
119 |
|
Overflow |
2017-01-31 |
2017-02-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703. |
28500 |
CVE-2016-8697 |
369 |
|
DoS |
2017-01-31 |
2017-02-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted BMP image. |