CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 8 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
4151 CVE-2016-6492 264 +Priv 2017-01-12 2018-10-09
9.3
None Remote Medium Not required Complete Complete Complete
The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek driver for Linux allows local users to gain privileges via a crafted application that makes an MT6573FDVTIOC_T_SET_FDCONF_CMD IOCTL call.
4152 CVE-2016-6452 287 Bypass 2016-11-03 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. Cisco Prime Home versions 5.1.1.6 and earlier and 5.2.2.2 and earlier have been confirmed to be vulnerable. Cisco Prime Home versions 6.0 and later are not vulnerable. More Information: CSCvb71732. Known Affected Releases: 5.0 5.0(1) 5.0(1.1) 5.0(1.2) 5.0(2) 5.15.1(0) 5.1(1) 5.1(1.3) 5.1(1.4) 5.1(1.5) 5.1(1.6) 5.1(2) 5.1(2.1) 5.1(2.3) 5.25.2(0.1) 5.2(1.0) 5.2(1.2) 5.2(2.0) 5.2(2.1) 5.2(2.2).
4153 CVE-2016-6441 119 Exec Code Overflow 2016-11-03 2017-07-28
10.0
None Remote Low Not required Complete Complete Complete
A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. This vulnerability affects Cisco ASR 900 Series Aggregation Services Routers (ASR902, ASR903, and ASR907) that are running the following releases of Cisco IOS XE Software: 3.17.0S 3.17.1S 3.17.2S 3.18.0S 3.18.1S. More Information: CSCuy15175. Known Affected Releases: 15.6(1)S 15.6(2)S. Known Fixed Releases: 15.6(1)S2.12 15.6(1.17)S0.41 15.6(1.17)SP 15.6(2)SP 16.4(0.183) 16.5(0.10).
4154 CVE-2016-6433 20 Exec Code 2016-10-06 2017-09-02
9.0
None Remote Low Single system Complete Complete Complete
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872.
4155 CVE-2016-6432 119 Exec Code Overflow 2016-10-27 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
A vulnerability in the Identity Firewall feature of Cisco ASA Software before 9.6(2.1) could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending a crafted NetBIOS packet in response to a NetBIOS probe sent by the ASA software. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic.
4156 CVE-2016-6406 264 2016-09-22 2017-07-29
10.0
Admin Remote Low Not required Complete Complete Complete
Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client before 1.0.2-065 is installed, allows remote attackers to obtain root access via a connection to the testing/debugging interface, aka Bug ID CSCvb26017.
4157 CVE-2016-6397 287 2016-10-28 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable. Affected Products: This vulnerability affects Cisco IPICS releases 4.8(1) to 4.10(1). More Information: CSCva46644. Known Affected Releases: 4.10(1) 4.8(1) 4.8(2) 4.9(1) 4.9(2).
4158 CVE-2016-6380 20 DoS Mem. Corr. +Info 2016-10-05 2017-07-29
8.3
None Remote Medium Not required Partial Partial Complete
The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (data corruption or device reload) via a crafted DNS response, aka Bug ID CSCup90532.
4159 CVE-2016-6373 78 Exec Code 2016-09-22 2017-07-29
9.0
None Remote Low Single system Complete Complete Complete
The web-based GUI in Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote authenticated administrators to execute arbitrary OS commands as root via crafted platform commands, aka Bug ID CSCva00541.
4160 CVE-2016-6366 119 Exec Code Overflow 2016-08-18 2016-11-28
8.5
None Remote Medium Single system Complete Complete Complete
Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON.
4161 CVE-2016-6330 502 Exec Code 2016-09-27 2016-12-23
9.0
None Remote Low Not required Partial Partial Complete
The server in Red Hat JBoss Operations Network (JON), when SSL authentication is not configured for JON server / agent communication, allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-3737.
4162 CVE-2016-6309 416 DoS Exec Code 2016-09-26 2018-07-11
10.0
None Remote Low Not required Complete Complete Complete
statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session.
4163 CVE-2016-6299 264 +Priv Bypass 2017-04-14 2017-04-25
9.3
None Remote Medium Not required Complete Complete Complete
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file.
4164 CVE-2016-6277 352 Exec Code 2016-12-14 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.
4165 CVE-2016-6270 77 Exec Code 2017-01-30 2017-02-07
9.0
None Remote Low Single system Complete Complete Complete
The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in Trend Micro Virtual Mobile Infrastructure before 5.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the password to api/v1/cfg/oauth/save_identify_pfx/.
4166 CVE-2016-6206 20 DoS Exec Code 2017-03-24 2017-03-27
10.0
None Remote Low Not required Complete Complete Complete
Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet.
4167 CVE-2016-6193 264 DoS Overflow +Priv 2016-08-02 2016-08-03
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6192.
4168 CVE-2016-6192 264 DoS Overflow +Priv 2016-08-02 2016-08-03
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6193.
4169 CVE-2016-6182 284 DoS +Priv 2016-09-07 2016-09-08
9.3
None Remote Medium Not required Complete Complete Complete
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6180, CVE-2016-6181, CVE-2016-6183, and CVE-2016-6184.
4170 CVE-2016-6152 DoS Exec Code 2016-07-25 2016-11-28
9.0
None Remote Low Single system Complete Complete Complete
CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors.
4171 CVE-2016-6151 DoS Exec Code 2016-07-25 2016-11-28
9.0
None Remote Low Single system Complete Complete Complete
CA eHealth 6.2.x allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors.
4172 CVE-2016-6147 78 Exec Code 2016-08-05 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
An unspecified interface in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands with SIDadm privileges via unspecified vectors, aka SAP Security Note 2234226.
4173 CVE-2016-6138 22 Dir. Trav. 2016-08-05 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
4174 CVE-2016-6137 Exec Code 2016-09-27 2016-09-28
10.0
None Remote Low Not required Complete Complete Complete
An unspecified function in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands via unknown vectors, aka SAP Security Note 2203591.
4175 CVE-2016-6115 119 Exec Code Overflow 2017-02-01 2017-02-15
9.0
None Remote Low Single system Complete Complete Complete
IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash.
4176 CVE-2016-6111 611 DoS 2017-03-31 2017-04-04
8.5
None Remote Low Not required Partial None Complete
IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000833.
4177 CVE-2016-6082 416 Exec Code 2017-02-01 2017-02-08
10.0
None Remote Low Not required Complete Complete Complete
IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race condition. An attacker could exploit this vulnerability to execute arbitrary code on the system.
4178 CVE-2016-6042 119 Exec Code Overflow 2017-02-01 2017-02-09
9.3
None Remote Medium Not required Complete Complete Complete
IBM AppScan Enterprise Edition could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of objects in memory. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system in the same context as the victim.
4179 CVE-2016-5872 20 2017-08-18 2017-08-21
10.0
None Remote Low Not required Complete Complete Complete
In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated.
4180 CVE-2016-5871 190 Overflow 2017-08-18 2017-08-23
10.0
None Remote Low Not required Complete Complete Complete
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an image file.
4181 CVE-2016-5864 264 Overflow 2017-08-16 2017-08-20
9.3
None Remote Medium Not required Complete Complete Complete
In an audio driver function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, some parameters are from userspace, and if they are set to a large value, integer overflow is possible followed by buffer overflow. In another function, a missing check for a lower bound may result in an out of bounds memory access.
4182 CVE-2016-5863 264 2017-08-16 2017-08-20
9.3
None Remote Medium Not required Complete Complete Complete
In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, several sanity checks are missing which can lead to out-of-bounds accesses.
4183 CVE-2016-5861 264 Overflow 2017-08-16 2017-08-20
8.3
None Local Network Low Not required Complete Complete Complete
In a display driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable controlled by userspace is used to calculate offsets and sizes for copy operations, which could result in heap overflow.
4184 CVE-2016-5843 89 Exec Code Sql 2016-09-16 2016-11-28
9.0
None Remote Low Not required Complete Partial Partial
Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.
4185 CVE-2016-5840 20 Exec Code 2016-06-30 2016-11-28
9.0
None Remote Low Single system Complete Complete Complete
hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header.
4186 CVE-2016-5814 119 Exec Code Overflow 2016-09-18 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Rockwell Automation RSLogix Micro Starter Lite, RSLogix Micro Developer, RSLogix 500 Starter Edition, RSLogix 500 Standard Edition, and RSLogix 500 Professional Edition allows remote attackers to execute arbitrary code via a crafted RSS project file.
4187 CVE-2016-5799 285 2016-08-23 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do not properly restrict authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
4188 CVE-2016-5791 287 2017-10-12 2017-11-03
10.0
None Remote Low Not required Complete Complete Complete
An Improper Authentication issue was discovered in JanTek JTC-200, all versions. The improper authentication could provide an undocumented BusyBox Linux shell accessible over the TELNET service without any authentication.
4189 CVE-2016-5788 285 2016-11-24 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via unspecified vectors.
4190 CVE-2016-5745 284 2016-10-05 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
F5 BIG-IP LTM systems 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF11, 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2 allow remote attackers to modify or extract system configuration files via vectors involving NAT64.
4191 CVE-2016-5743 20 Exec Code 2016-07-22 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets.
4192 CVE-2016-5700 284 Exec Code 2016-10-03 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured with the HTTP Explicit Proxy functionality or SOCKS profile, allow remote attackers to modify the system configuration, read system files, and possibly execute arbitrary code via unspecified vectors.
4193 CVE-2016-5686 287 Bypass 2016-10-05 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
Johnson & Johnson Animas OneTouch Ping devices mishandle acknowledgements, which makes it easier for remote attackers to bypass authentication via a custom communication protocol.
4194 CVE-2016-5685 74 2016-11-29 2016-12-01
9.0
None Remote Low Single system Complete Complete Complete
Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection.
4195 CVE-2016-5681 119 Exec Code Overflow 2016-08-25 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14, DIR-885L A1 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08, DIR-868L B1 2.03 before 2.03WWb01, and DIR-868L C1 3.00 before 3.00WWb01 devices allows remote attackers to execute arbitrary code via a long session cookie.
4196 CVE-2016-5680 119 Exec Code Overflow 2016-08-31 2017-09-02
9.0
Admin Remote Low Single system Complete Complete Complete
Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary code via the sn parameter to the transfer_license command.
4197 CVE-2016-5679 78 Exec Code 2016-08-31 2017-09-02
9.0
Admin Remote Low Single system Complete Complete Complete
cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transfer_license command.
4198 CVE-2016-5678 798 2016-08-31 2017-09-02
10.0
Admin Remote Low Not required Complete Complete Complete
NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors.
4199 CVE-2016-5675 20 Exec Code 2016-08-31 2017-09-02
10.0
Admin Remote Low Not required Complete Complete Complete
handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter.
4200 CVE-2016-5674 20 Exec Code 2016-08-31 2017-09-02
10.0
Admin Remote Low Not required Complete Complete Complete
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.