# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
39501 |
CVE-2016-2363 |
264 |
|
Exec Code |
2016-06-19 |
2016-06-21 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 uses weak permissions for the /var/www/rpc/surun script, which allows local users to obtain root access for unspecified command execution by leveraging access to the nobody account. |
39502 |
CVE-2016-2362 |
|
|
|
2016-06-19 |
2016-06-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 has a hardcoded password for the FTP account, which allows remote attackers to obtain access via a (1) FTP or (2) SSH connection. |
39503 |
CVE-2016-2355 |
89 |
|
Exec Code Sql |
2016-12-19 |
2016-12-22 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in the REST API in dotCMS before 3.3.2 allows remote attackers to execute arbitrary SQL commands via the stName parameter to api/content/save/1. |
39504 |
CVE-2016-2354 |
284 |
|
|
2016-04-21 |
2016-05-31 |
8.0 |
None |
Local Network |
Low |
Not required |
Partial |
Complete |
Complete |
The Bluetooth functionality in Lemur Vehicle Monitors BlueDriver before 2016-04-07 supports unrestricted pairing without a PIN, which allows remote attackers to send arbitrary CAN commands by leveraging access to a device inside or adjacent to the vehicle, as demonstrated by a CAN command to disrupt braking or steering. |
39505 |
CVE-2016-2353 |
264 |
|
+Priv |
2016-05-07 |
2016-05-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows local users to add an SSH key to an arbitrary group, and consequently gain privileges, via unspecified vectors. |
39506 |
CVE-2016-2352 |
264 |
|
Exec Code |
2016-05-07 |
2016-05-09 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote authenticated users to execute arbitrary commands by leveraging the YUM_CLIENT restricted-user role. |
39507 |
CVE-2016-2351 |
89 |
|
Exec Code Sql |
2016-05-07 |
2016-05-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in home/seos/courier/security_key2.api on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote attackers to execute arbitrary SQL commands via the client_id parameter. |
39508 |
CVE-2016-2350 |
79 |
|
XSS |
2016-05-07 |
2016-05-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Multiple cross-site scripting (XSS) vulnerabilities on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) getimageajax.php, (2) move_partition_frame.html, or (3) wmInfo.html. |
39509 |
CVE-2016-2349 |
640 |
|
|
2016-12-21 |
2017-07-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Remedy AR System Server in BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1, and 9.1 allows attackers to reset arbitrary passwords via a blank previous password. |
39510 |
CVE-2016-2347 |
190 |
|
Exec Code |
2017-04-21 |
2018-10-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive. |
39511 |
CVE-2016-2346 |
345 |
|
Exec Code |
2016-04-25 |
2016-05-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle attackers to execute arbitrary code by modifying fields in the client-server data stream. |
39512 |
CVE-2016-2345 |
119 |
|
Exec Code Overflow |
2016-03-17 |
2018-10-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote attackers to execute arbitrary code via a crafted string. |
39513 |
CVE-2016-2344 |
119 |
|
DoS Exec Code Overflow |
2016-03-28 |
2016-12-02 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
Stack-based buffer overflow in manager.exe in Backburner Manager in Autodesk Backburner 2016 2016.0.0.2150 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted command. NOTE: this is only a vulnerability in environments in which the administrator has not followed documentation that outlines the security risks of operating Backburner on untrusted networks. |
39514 |
CVE-2016-2343 |
|
|
+Info |
2016-04-01 |
2016-04-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remote attackers to obtain sensitive Dental.DB patient information via SQL statements. |
39515 |
CVE-2016-2342 |
119 |
|
DoS Exec Code Overflow |
2016-03-17 |
2018-01-04 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration is used, relies on a Labeled-VPN SAFI routes-data length field during a data copy, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted packet. |
39516 |
CVE-2016-2340 |
|
|
DoS |
2016-03-25 |
2017-04-06 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
None |
Partial |
The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows remote authenticated users to read arbitrary files, send TCP requests to intranet servers, or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. |
39517 |
CVE-2016-2339 |
119 |
|
Overflow |
2017-01-06 |
2018-07-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow. |
39518 |
CVE-2016-2337 |
|
|
Exec Code |
2017-01-06 |
2018-08-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution. |
39519 |
CVE-2016-2336 |
|
|
Exec Code |
2017-01-06 |
2017-01-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution. |
39520 |
CVE-2016-2335 |
119 |
|
DoS Exec Code Overflow |
2016-06-07 |
2018-10-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file. |
39521 |
CVE-2016-2334 |
119 |
|
Exec Code Overflow |
2016-12-13 |
2017-12-02 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image. |
39522 |
CVE-2016-2333 |
310 |
|
|
2016-04-25 |
2016-05-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 use the same hardcoded encryption key across different customers' installations, which allows attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. |
39523 |
CVE-2016-2332 |
77 |
|
Exec Code |
2016-04-25 |
2016-05-04 |
9.0 |
Admin |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
flu.cgi in the web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 allows remote authenticated users to execute arbitrary commands via the 5066 (aka dnsmasq) parameter. |
39524 |
CVE-2016-2331 |
255 |
|
|
2016-04-25 |
2016-05-31 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 has a default password, which makes it easier for remote attackers to obtain access via unspecified vectors. |
39525 |
CVE-2016-2330 |
119 |
|
DoS Overflow |
2016-02-12 |
2016-12-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .tga file, related to the gif_image_write_image, gif_encode_init, and gif_encode_close functions. |
39526 |
CVE-2016-2329 |
119 |
|
DoS Overflow |
2016-02-12 |
2018-10-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate RowsPerStrip values and YCbCr chrominance subsampling factors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted TIFF file, related to the tiff_decode_tag and decode_frame functions. |
39527 |
CVE-2016-2328 |
119 |
|
DoS Overflow |
2016-02-12 |
2016-12-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service (out-of-bounds array read access) or possibly have unspecified other impact via a crafted .cine file, related to the bayer_to_rgb24_wrapper and bayer_to_yv12_wrapper functions. |
39528 |
CVE-2016-2327 |
119 |
|
DoS Overflow |
2016-02-12 |
2016-12-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .avi file, related to the apng_encode_frame and encode_apng functions. |
39529 |
CVE-2016-2326 |
190 |
|
DoS Overflow |
2016-02-12 |
2017-06-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file. |
39530 |
CVE-2016-2324 |
119 |
|
Exec Code Overflow |
2016-04-08 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow. |
39531 |
CVE-2016-2318 |
476 |
|
DoS |
2017-02-03 |
2018-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c. |
39532 |
CVE-2016-2317 |
119 |
|
DoS Overflow |
2017-02-03 |
2018-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c. |
39533 |
CVE-2016-2316 |
191 |
|
DoS |
2016-02-22 |
2017-11-03 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote attackers to cause a denial of service (file descriptor consumption) via vectors related to large retransmit timeout values. |
39534 |
CVE-2016-2315 |
119 |
|
Exec Code Overflow |
2016-04-08 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow. |
39535 |
CVE-2016-2314 |
17 |
|
DoS |
2016-02-14 |
2016-03-22 |
6.3 |
None |
Remote |
Medium |
Single system |
None |
None |
Complete |
GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to cause a denial of service (device outage) by using the FTP MKD command to create a directory with a long name, and then using certain other commands. |
39536 |
CVE-2016-2313 |
264 |
|
Bypass |
2016-04-13 |
2018-10-30 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database. |
39537 |
CVE-2016-2312 |
254 |
|
|
2016-12-23 |
2018-10-30 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again. |
39538 |
CVE-2016-2311 |
255 |
|
|
2016-05-29 |
2017-04-07 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ServSensor Junior with firmware before SP473, AlertWerks ServSensor Junior with PoE with firmware before SP473, and AlertWerks ServSensor Contact with firmware before SP473 allow remote authenticated users to discover administrator and user passwords via unspecified vectors. |
39539 |
CVE-2016-2310 |
|
|
|
2016-06-09 |
2016-06-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.0 and ML810, ML3000, and ML3100 switches with firmware before 5.5.0k have hardcoded credentials, which allows remote attackers to modify configuration settings via the web interface. |
39540 |
CVE-2016-2309 |
345 |
|
DoS |
2016-05-29 |
2017-01-10 |
8.0 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Complete |
iRZ RUH2 before 2b does not validate firmware patches, which allows remote authenticated users to modify data or cause a denial of service via unspecified vectors. |
39541 |
CVE-2016-2308 |
|
|
+Info |
2016-10-05 |
2016-10-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0 and Aspect-Matrix Building Automation Front-End Solutions application store passwords in cleartext, which allows remote attackers to obtain sensitive information by reading a file. |
39542 |
CVE-2016-2307 |
200 |
|
+Info |
2016-10-05 |
2016-10-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0 and Aspect-Matrix Building Automation Front-End Solutions application allow remote attackers to read arbitrary files via unspecified vectors, as demonstrated by the configuration file. |
39543 |
CVE-2016-2306 |
310 |
|
+Info |
2016-04-21 |
2016-04-27 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network. |
39544 |
CVE-2016-2305 |
79 |
|
XSS |
2016-04-21 |
2016-04-27 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. |
39545 |
CVE-2016-2304 |
200 |
|
+Info |
2016-04-21 |
2016-04-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. |
39546 |
CVE-2016-2303 |
|
|
Http R.Spl. |
2016-04-21 |
2016-04-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. |
39547 |
CVE-2016-2302 |
200 |
|
+Info |
2016-04-21 |
2016-04-27 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages. |
39548 |
CVE-2016-2301 |
89 |
|
Exec Code Sql |
2016-04-21 |
2016-04-27 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. |
39549 |
CVE-2016-2300 |
287 |
|
Bypass |
2016-04-21 |
2016-04-27 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors. |
39550 |
CVE-2016-2299 |
89 |
|
Exec Code Sql |
2016-04-21 |
2016-12-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |