CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 1 and 1.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
251 CVE-2016-7959 254 +Info 2016-10-13 2016-12-21
1.9
None Local Medium Not required Partial None None
Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack.
252 CVE-2016-7218 200 +Info 2016-11-10 2018-10-12
1.9
None Local Medium Not required Partial None None
Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information via a crafted application, aka "Windows Bowser.sys Information Disclosure Vulnerability."
253 CVE-2016-7094 119 DoS Overflow 2016-09-21 2017-06-30
1.5
None Local Medium Single system None None Partial
Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update.
254 CVE-2016-6848 254 Exec Code 2016-12-15 2016-12-16
1.9
None Local Medium Not required None Partial None
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client ("Reflected File Download"). Malicious platform specific (e.g. Microsoft Windows) batch file can be created via a trusted domain without authentication that, if executed by the user, may lead to local code execution.
255 CVE-2016-6450 20 2016-11-18 2017-07-27
1.9
None Local Medium Not required None Partial None
A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an authenticated, local attacker to gain write access to some files in the underlying operating system. This vulnerability affects the following products if they are running a vulnerable release of Cisco IOS XE Software: Cisco 5700 Series Wireless LAN Controllers, Cisco Catalyst 3650 Series Switches, Cisco Catalyst 3850 Series Switches, Cisco Catalyst 4500E Series Switches, Cisco Catalyst 4500X Series Switches. More Information: CSCva60013 CSCvb22622. Known Affected Releases: 3.7(0) 16.4.1 Denali-16.1.3 Denali-16.2.2 Denali-16.3.1. Known Fixed Releases: 15.2(4)E3 16.1(2.208) 16.2(2.42) 16.3(1.22) 16.4(0.190) 16.5(0.29).
256 CVE-2016-6156 362 DoS 2016-08-06 2016-11-28
1.9
None Local Medium Not required None None Partial
Race condition in the ec_device_ioctl_xcmd function in drivers/platform/chrome/cros_ec_dev.c in the Linux kernel before 4.7 allows local users to cause a denial of service (out-of-bounds array access) by changing a certain size value, aka a "double fetch" vulnerability.
257 CVE-2016-6136 362 Bypass 2016-08-06 2018-01-04
1.9
None Local Medium Not required None Partial None
Race condition in the audit_log_single_execve_arg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability.
258 CVE-2016-6130 362 +Info 2016-07-03 2016-11-28
1.9
None Local Medium Not required Partial None None
Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a certain length value, aka a "double fetch" vulnerability.
259 CVE-2016-5992 DoS 2016-11-24 2016-11-28
1.9
None Local Medium Not required None None Partial
IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to cause a denial of service via unspecified vectors.
260 CVE-2016-5918 200 +Info 2017-02-08 2017-02-15
1.9
None Local Medium Not required Partial None None
IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed.
261 CVE-2016-5894 200 +Info 2017-03-08 2017-07-17
1.9
None Local Medium Not required Partial None None
IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408.
262 CVE-2016-5849 200 +Info 2016-07-04 2016-11-28
1.9
None Local Medium Not required Partial None None
Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage.
263 CVE-2016-5848 255 2016-07-04 2016-11-28
1.7
None Local Low Single system Partial None None
Siemens SICAM PAS before 8.07 does not properly restrict password data in the database, which makes it easier for local users to calculate passwords by leveraging unspecified database privileges.
264 CVE-2016-5746 +Info 2016-09-26 2018-10-30
1.2
None Local High Not required Partial None None
libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.
265 CVE-2016-5709 200 +Info 2016-06-24 2016-11-29
1.9
None Local Medium Not required Partial None None
SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack.
266 CVE-2016-5551 284 2017-04-24 2017-07-10
1.9
None Local Medium Not required Partial None None
Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). The supported version that is affected is 4.3. Easily "exploitable" vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris Cluster executes to compromise Solaris Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Solaris Cluster accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N).
267 CVE-2016-5480 2016-10-25 2017-07-28
1.9
None Local Medium Not required None Partial None
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via vectors related to Bash.
268 CVE-2016-5443 2016-07-21 2017-08-31
1.2
None Local High Not required None None Partial
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.
269 CVE-2016-5237 264 +Priv 2017-01-23 2017-09-06
1.9
None Local Medium Not required None Partial None
Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file.
270 CVE-2016-5107 125 DoS 2016-09-02 2018-12-01
1.5
None Local Medium Single system None None Partial
The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors.
271 CVE-2016-5106 787 DoS 2016-09-02 2018-12-01
1.5
None Local Medium Single system None None Partial
The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command.
272 CVE-2016-5105 200 +Info 2016-09-02 2018-12-01
1.9
None Local Medium Not required Partial None None
The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command.
273 CVE-2016-4996 255 2017-07-17 2019-05-06
1.9
None Local Medium Not required Partial None None
discovery-debug in Foreman before 6.2 when the ssh service has been enabled on discovered nodes displays the root password in plaintext in the system journal when used to log in, which allows local users with access to the system journal to obtain the root password by reading the system journal, or by clicking Logs on the console.
274 CVE-2016-4984 362 2017-07-17 2019-04-22
1.9
None Local Medium Not required Partial None None
/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it.
275 CVE-2016-4982 362 2017-07-17 2017-08-09
1.9
None Local Medium Not required Partial None None
authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it.
276 CVE-2016-4963 284 DoS 2016-06-07 2018-09-07
1.9
None Local Medium Not required None None Partial
The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore.
277 CVE-2016-4952 125 DoS 2016-09-02 2018-12-01
1.5
None Local Medium Single system None None Partial
QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING SCSI command.
278 CVE-2016-4924 275 +Info 2017-10-13 2017-11-03
1.7
None Local Low Single system Partial None None
An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. This issue was found during internal product security testing. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 15.1 prior to 15.1F5; 14.1 prior to 14.1R8
279 CVE-2016-4740 200 +Info 2016-09-18 2017-08-12
1.9
None Local Medium Not required Partial None None
Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via unspecified vectors.
280 CVE-2016-4527 255 +Info 2016-06-09 2016-06-15
1.9
None Local Medium Not required Partial None None
ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors.
281 CVE-2016-4511 310 +Info 2016-06-09 2016-06-17
1.9
None Local Medium Not required Partial None None
ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file.
282 CVE-2016-3685 798 +Info 2016-12-14 2018-10-09
1.9
None Local Medium Not required Partial None None
SAP Download Manager 2.1.142 and earlier generates an encryption key from a small key space on Windows and Mac systems, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of a hardcoded key in the program code and a computer BIOS serial number, aka SAP Security Note 2282338.
283 CVE-2016-3684 +Info 2016-12-14 2018-10-09
1.9
None Local Medium Not required Partial None None
SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of this key, aka SAP Security Note 2282338.
284 CVE-2016-3428 2016-04-21 2017-09-02
1.8
None Local Network High Not required None None Partial
Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect availability via vectors related to Engineering Communication Interface.
285 CVE-2016-3321 200 +Info 2016-08-09 2018-10-12
1.9
None Local Medium Not required Partial None None
Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a file:// URL and an HTML5 sandbox iframe, aka "Internet Explorer Information Disclosure Vulnerability."
286 CVE-2016-3258 362 Bypass 2016-07-12 2018-10-12
1.2
None Local High Not required None Partial None
Race condition in the kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Low Integrity protection mechanism and write to files by leveraging unspecified object-manager features, aka "Windows File System Security Feature Bypass."
287 CVE-2016-3230 20 DoS 2016-06-15 2018-10-12
1.9
None Local Medium Not required None None Partial
The Search component in Microsoft Windows 7, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to cause a denial of service (performance degradation) via a crafted application, aka "Windows Search Component Denial of Service Vulnerability."
288 CVE-2016-3159 284 +Info 2016-04-13 2016-12-02
1.7
None Local Low Single system Partial None None
The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
289 CVE-2016-3158 284 +Info 2016-04-13 2016-12-02
1.7
None Local Low Single system Partial None None
The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
290 CVE-2016-2943 532 +Info 2016-11-30 2016-12-02
1.9
None Local Medium Not required Partial None None
IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by leveraging unspecified privileges to read a log file.
291 CVE-2016-2858 119 DoS Overflow Mem. Corr. 2016-04-07 2018-12-01
1.9
None Local Medium Not required None None Partial
QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption.
292 CVE-2016-1919 310 +Info 2017-01-27 2018-10-09
1.9
None Local Medium Not required Partial None None
Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack.
293 CVE-2016-0702 200 +Info 2016-03-03 2018-01-04
1.9
None Local Medium Not required Partial None None
The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a "CacheBleed" attack.
294 CVE-2016-0668 2016-04-21 2019-04-22
1.7
None Remote High Multiple systems None None Partial
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.
295 CVE-2016-0618 2016-01-20 2016-12-22
1.4
None Local Low Multiple systems Partial None None
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via unknown vectors related to Zones.
296 CVE-2016-0609 2016-01-20 2019-04-22
1.7
None Remote High Multiple systems None None Partial
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.
297 CVE-2016-0498 2016-01-20 2016-12-07
1.5
None Local Medium Single system Partial None None
Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.2.2, 6.1.3.0, and 6.2.0.0 allows local users to affect confidentiality via unknown vectors related to Install.
298 CVE-2016-0453 2016-01-20 2016-06-08
1.8
None Local Network High Not required Partial None None
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote attackers to affect integrity via unknown vectors related to Embedded Server.
299 CVE-2016-0438 2016-01-20 2016-06-08
1.9
None Local Medium Not required Partial None None
Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-2016-0436, and CVE-2016-0437.
300 CVE-2016-0437 2016-01-20 2016-06-09
1.9
None Local Medium Not required Partial None None
Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-2016-0436, and CVE-2016-0438.
Total number of vulnerabilities : 878   Page : 1 2 3 4 5 6 (This Page)7 8 9 10 11 12 13 14 15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.