# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
31051 |
CVE-2016-3731 |
200 |
|
+Info |
2017-04-20 |
2017-04-27 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, and 2.8 through 2.8.11 allows remote attackers to obtain the names of hidden forums and forum discussions. |
31052 |
CVE-2016-3729 |
284 |
|
|
2017-04-20 |
2017-04-27 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
The user editing form in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to edit profile fields locked by the administrator. |
31053 |
CVE-2016-3728 |
284 |
|
Exec Code |
2016-05-20 |
2018-01-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Eval injection vulnerability in tftp_api.rb in the TFTP module in the Smart-Proxy in Foreman before 1.10.4 and 1.11.x before 1.11.2 allows remote attackers to execute arbitrary code via the PXE template type portion of the PATH_INFO to tftp/. |
31054 |
CVE-2016-3727 |
200 |
|
+Info |
2016-05-17 |
2018-01-04 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors. |
31055 |
CVE-2016-3726 |
|
|
|
2016-05-17 |
2018-01-04 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs. |
31056 |
CVE-2016-3725 |
264 |
|
DoS |
2016-05-17 |
2018-01-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users to trigger updating of update site metadata by leveraging a missing permissions check. NOTE: this issue can be combined with DNS cache poisoning to cause a denial of service (service disruption). |
31057 |
CVE-2016-3724 |
200 |
|
+Info |
2016-05-17 |
2018-01-04 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration. |
31058 |
CVE-2016-3723 |
200 |
|
+Info |
2016-05-17 |
2018-01-04 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with read access to obtain sensitive plugin installation information by leveraging missing permissions checks in unspecified XML/JSON API endpoints. |
31059 |
CVE-2016-3722 |
264 |
|
DoS |
2016-05-17 |
2018-01-04 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with multiple accounts to cause a denial of service (unable to login) by editing the "full name." |
31060 |
CVE-2016-3721 |
17 |
|
|
2016-05-17 |
2018-01-04 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables. |
31061 |
CVE-2016-3718 |
20 |
|
|
2016-05-05 |
2018-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image. |
31062 |
CVE-2016-3716 |
264 |
|
|
2016-05-05 |
2018-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image. |
31063 |
CVE-2016-3715 |
284 |
|
|
2016-05-05 |
2018-10-09 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. |
31064 |
CVE-2016-3713 |
284 |
|
DoS +Info |
2016-06-27 |
2016-06-27 |
5.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Complete |
The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call. |
31065 |
CVE-2016-3712 |
|
|
DoS Overflow |
2016-05-11 |
2018-01-04 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode. |
31066 |
CVE-2016-3711 |
200 |
|
+Info |
2016-06-08 |
2016-06-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allows local users to obtain the internal IP address of a pod by reading the "OPENSHIFT_[namespace]_SERVERID" cookie. |
31067 |
CVE-2016-3708 |
284 |
|
|
2016-06-08 |
2016-06-09 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
Red Hat OpenShift Enterprise 3.2, when multi-tenant SDN is enabled and a build is run in a namespace that would normally be isolated from pods in other namespaces, allows remote authenticated users to access network resources on restricted pods via an s2i build with a builder image that (1) contains ONBUILD commands or (2) does not contain a tar binary. |
31068 |
CVE-2016-3707 |
284 |
|
Exec Code |
2016-06-27 |
2016-11-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file. |
31069 |
CVE-2016-3706 |
20 |
|
DoS Overflow |
2016-06-10 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458. |
31070 |
CVE-2016-3705 |
20 |
|
DoS |
2016-05-17 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references. |
31071 |
CVE-2016-3704 |
255 |
|
|
2017-06-13 |
2018-02-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords. |
31072 |
CVE-2016-3703 |
284 |
|
|
2016-06-08 |
2016-06-09 |
3.5 |
None |
Remote |
Medium |
Single system |
Partial |
None |
None |
Red Hat OpenShift Enterprise 3.2 and 3.1 do not properly validate the origin of a request when anonymous access is granted to a service/proxy or pod/proxy API for a specific pod, which allows remote attackers to access API credentials in the web browser localStorage via an access_token in the query parameter. |
31073 |
CVE-2016-3702 |
200 |
|
+Info |
2017-04-21 |
2017-04-27 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Padding oracle flaw in CloudForms Management Engine (aka CFME) 5 allows remote attackers to obtain sensitive cleartext information. |
31074 |
CVE-2016-3699 |
264 |
|
Exec Code Bypass |
2016-10-07 |
2018-01-04 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd. |
31075 |
CVE-2016-3698 |
284 |
|
DoS |
2016-06-13 |
2016-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network. |
31076 |
CVE-2016-3697 |
264 |
|
+Priv |
2016-06-01 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container. |
31077 |
CVE-2016-3696 |
200 |
|
+Info |
2017-06-13 |
2018-02-22 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The pulp-qpid-ssl-cfg script in Pulp before 2.8.5 allows local users to obtain the CA key. |
31078 |
CVE-2016-3695 |
74 |
|
DoS |
2017-12-29 |
2018-01-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set. |
31079 |
CVE-2016-3693 |
264 |
|
+Info |
2016-05-20 |
2018-02-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method. |
31080 |
CVE-2016-3691 |
352 |
|
Bypass CSRF |
2017-04-24 |
2017-04-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Routes in Kallithea before 0.3.2 allows remote attackers to bypass the CSRF protection by using the GET HTTP request method. |
31081 |
CVE-2016-3689 |
|
|
DoS |
2016-05-02 |
2017-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface. |
31082 |
CVE-2016-3688 |
200 |
|
Exec Code Sql +Info |
2016-04-19 |
2016-04-28 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
SQL injection vulnerability in dotCMS before 3.5 allows remote administrators to execute arbitrary SQL commands via the c0-e3 parameter to dwr/call/plaincall/UserAjax.getUsersList.dwr. |
31083 |
CVE-2016-3687 |
|
|
|
2016-06-16 |
2016-06-20 |
4.0 |
None |
Remote |
High |
Not required |
Partial |
Partial |
None |
Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, and 11.6.x before 11.6.0 HF6 and Edge Gateway 11.2.1, when using multi-domain single sign-on (SSO), allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in the SSO_ORIG_URI parameter. |
31084 |
CVE-2016-3686 |
200 |
|
+Info |
2016-04-13 |
2016-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
The Single Sign-On (SSO) feature in F5 BIG-IP APM 11.x before 11.6.0 HF6 and BIG-IP Edge Gateway 11.0.0 through 11.3.0 might allow remote attackers to obtain sensitive SessionId information by leveraging access to the Location HTTP header in a redirect. |
31085 |
CVE-2016-3685 |
798 |
|
+Info |
2016-12-14 |
2018-10-09 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
SAP Download Manager 2.1.142 and earlier generates an encryption key from a small key space on Windows and Mac systems, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of a hardcoded key in the program code and a computer BIOS serial number, aka SAP Security Note 2282338. |
31086 |
CVE-2016-3684 |
|
|
+Info |
2016-12-14 |
2018-10-09 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of this key, aka SAP Security Note 2282338. |
31087 |
CVE-2016-3677 |
345 |
|
|
2016-06-13 |
2016-11-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The Huawei Wear App application before 15.0.0.307 for Android does not validate SSL certificates, which allows local users to have unspecified impact via unknown vectors, aka HWPSIRT-2016-03008. |
31088 |
CVE-2016-3676 |
254 |
|
|
2016-04-11 |
2016-04-14 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
Huawei E3276s USB modems with software before E3276s-150TCPU-V200R002B436D09SP00C00 allow man-in-the-middle attackers to intercept, spoof, or modify network traffic via unspecified vectors related to a fake network. |
31089 |
CVE-2016-3675 |
89 |
|
Exec Code Sql |
2016-04-11 |
2016-04-13 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
SQL injection vulnerability in Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to system databases. |
31090 |
CVE-2016-3674 |
200 |
|
+Info |
2016-05-17 |
2018-03-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDriver, (2) DomDriver, (3) JDomDriver, (4) JDom2Driver, (5) SjsxpDriver, (6) StandardStaxDriver, and (7) WstxDriver drivers in XStream before 1.4.9 allow remote attackers to read arbitrary files via a crafted XML document. |
31091 |
CVE-2016-3672 |
254 |
|
Bypass |
2016-04-27 |
2018-10-09 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid or setgid program, by disabling stack-consumption resource limits. |
31092 |
CVE-2016-3670 |
79 |
|
XSS |
2016-06-13 |
2016-06-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field. |
31093 |
CVE-2016-3664 |
200 |
|
+Info |
2016-05-23 |
2016-05-25 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
Trend Micro Mobile Security for iOS before 3.2.1188 does not verify the X.509 certificate of the mobile application login server, which allows man-in-the-middle attackers to spoof this server and obtain sensitive information via a crafted certificate. |
31094 |
CVE-2016-3659 |
89 |
|
Exec Code Sql |
2016-04-11 |
2016-11-30 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the host_group_data parameter. |
31095 |
CVE-2016-3658 |
125 |
|
DoS |
2016-10-03 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable. |
31096 |
CVE-2016-3656 |
119 |
|
DoS Overflow |
2016-04-12 |
2016-04-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote attackers to cause a denial of service (service crash) via a crafted request. |
31097 |
CVE-2016-3653 |
352 |
|
CSRF |
2016-06-30 |
2017-09-02 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users. |
31098 |
CVE-2016-3652 |
79 |
|
XSS |
2016-06-30 |
2017-09-02 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
31099 |
CVE-2016-3651 |
200 |
|
+Info |
2016-06-30 |
2017-08-31 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors. |
31100 |
CVE-2016-3650 |
254 |
|
|
2016-06-30 |
2017-08-31 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover credentials via a brute-force attack. |