| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2016-7119 |
79 |
|
XSS |
2016-08-31 |
2016-11-28 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the user-profile biography section in DotNetNuke (DNN) before 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted onclick attribute in an IMG element. |
|
2 |
CVE-2016-7118 |
476 |
|
DoS |
2016-08-31 |
2016-11-28 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
fs/fcntl.c in the "aufs 3.2.x+setfl-debian" patch in the linux-image package 3.2.0-4 (kernel 3.2.81-1) in Debian wheezy mishandles F_SETFL fcntl calls on directories, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via standard filesystem operations, as demonstrated by scp from an AUFS filesystem. |
|
3 |
CVE-2016-7115 |
119 |
|
Exec Code Overflow |
2016-08-30 |
2016-11-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the handle_packet function in mactelnet.c in the client in MAC-Telnet 0.4.3 and earlier allows remote TELNET servers to execute arbitrary code via a long string in an MT_CPTYPE_PASSSALT control packet. |
|
4 |
CVE-2016-7089 |
264 |
|
Exec Code +Priv |
2016-08-24 |
2016-11-28 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
WatchGuard RapidStream appliances allow local users to gain privileges and execute arbitrary commands via a crafted ifconfig command, aka ESCALATEPLOWMAN. |
|
5 |
CVE-2016-6909 |
119 |
|
Exec Code Overflow |
2016-08-24 |
2019-05-22 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER. |
|
6 |
CVE-2016-6635 |
352 |
|
CSRF |
2016-08-07 |
2017-11-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site request forgery (CSRF) vulnerability in the wp_ajax_wp_compression_test function in wp-admin/includes/ajax-actions.php in WordPress before 4.5 allows remote attackers to hijack the authentication of administrators for requests that change the script compression option. |
|
7 |
CVE-2016-6634 |
79 |
|
XSS |
2016-08-07 |
2017-11-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the network settings page in WordPress before 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
|
8 |
CVE-2016-6597 |
254 |
|
|
2016-08-10 |
2018-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Sophos EAS Proxy before 6.2.0 for Sophos Mobile Control, when Lotus Traveler is enabled, allows remote attackers to access arbitrary web-resources from the backend mail system via a request for the resource, aka an Open Reverse Proxy vulnerability. |
|
9 |
CVE-2016-6516 |
119 |
|
DoS Overflow +Priv |
2016-08-06 |
2016-11-28 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (heap-based buffer overflow) or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability. |
|
10 |
CVE-2016-6515 |
20 |
|
DoS |
2016-08-07 |
2021-09-14 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string. |
|
11 |
CVE-2016-6513 |
399 |
|
DoS |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
12 |
CVE-2016-6512 |
20 |
|
DoS Overflow |
2016-08-06 |
2017-09-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an overflow check in the tvb_get_guintvar function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet, related to the MMSE, WAP, WBXML, and WSP dissectors. |
|
13 |
CVE-2016-6511 |
399 |
|
DoS |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (OpenFlow dissector large loop) via a crafted packet. |
|
14 |
CVE-2016-6510 |
189 |
|
DoS Overflow |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. |
|
15 |
CVE-2016-6509 |
20 |
|
DoS |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 mishandles conversations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
16 |
CVE-2016-6508 |
399 |
|
DoS |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet. |
|
17 |
CVE-2016-6507 |
399 |
|
DoS |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12.x before 1.12.13 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. |
|
18 |
CVE-2016-6506 |
399 |
|
DoS |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. |
|
19 |
CVE-2016-6505 |
369 |
|
DoS |
2016-08-06 |
2017-09-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-packetbb.c in the PacketBB dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet. |
|
20 |
CVE-2016-6504 |
476 |
|
DoS |
2016-08-06 |
2017-09-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1.12.x before 1.12.13 does not properly maintain a ptvc data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. |
|
21 |
CVE-2016-6503 |
20 |
|
DoS |
2016-08-06 |
2017-09-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit Windows platforms do not properly interact with Visual C++ compiler options, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
22 |
CVE-2016-6493 |
254 |
|
|
2016-08-19 |
2016-08-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via vectors related to memory permission. |
|
23 |
CVE-2016-6486 |
264 |
|
+Priv |
2016-08-08 |
2016-11-28 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Siemens SINEMA Server uses weak permissions for the application folder, which allows local users to gain privileges via unspecified vectors. |
|
24 |
CVE-2016-6480 |
362 |
|
DoS |
2016-08-06 |
2018-01-05 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
|
Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability. |
|
25 |
CVE-2016-6369 |
264 |
|
+Priv |
2016-08-25 |
2016-12-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464. |
|
26 |
CVE-2016-6367 |
|
|
+Priv |
2016-08-18 |
2016-11-28 |
6.8 |
None |
Local |
Low |
??? |
Complete |
Complete |
Complete |
|
Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA. |
|
27 |
CVE-2016-6366 |
119 |
|
Exec Code Overflow |
2016-08-18 |
2016-11-28 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
|
Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON. |
|
28 |
CVE-2016-6365 |
79 |
|
XSS |
2016-08-23 |
2016-12-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518. |
|
29 |
CVE-2016-6364 |
200 |
|
Bypass +Info |
2016-08-23 |
2016-12-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855. |
|
30 |
CVE-2016-6363 |
119 |
|
DoS Overflow |
2016-08-22 |
2016-12-12 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 frames, aka Bug ID CSCva06192. |
|
31 |
CVE-2016-6362 |
264 |
|
+Priv |
2016-08-22 |
2016-12-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725. |
|
32 |
CVE-2016-6361 |
20 |
|
DoS |
2016-08-22 |
2016-12-12 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288. |
|
33 |
CVE-2016-6359 |
79 |
|
XSS |
2016-08-22 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Cisco Transport Gateway Installation Software 4.1(4.0) on Smart Call Home Transport Gateway devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug IDs CSCva40650 and CSCva40817. |
|
34 |
CVE-2016-6355 |
399 |
|
DoS |
2016-08-23 |
2016-11-28 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, and 5.3.x through 5.3.2 on ASR 9001 devices allows remote attackers to cause a denial of service (control-plane protocol outage) via crafted fragmented packets, aka Bug ID CSCux26791. |
|
35 |
CVE-2016-6320 |
79 |
|
XSS |
2016-08-19 |
2018-01-05 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in app/assets/javascripts/host_edit_interfaces.js in Foreman before 1.12.2 allows remote authenticated users to inject arbitrary web script or HTML via the network interface device identifier in the host interface form. |
|
36 |
CVE-2016-6319 |
79 |
|
XSS |
2016-08-19 |
2018-02-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in app/helpers/form_helper.rb in Foreman before 1.12.2, as used by Remote Execution and possibly other plugins, allows remote attackers to inject arbitrary web script or HTML via the label parameter. |
|
37 |
CVE-2016-6259 |
20 |
|
DoS |
2016-08-02 |
2016-08-04 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check. |
|
38 |
CVE-2016-6258 |
284 |
|
+Priv |
2016-08-02 |
2017-07-01 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries. |
|
39 |
CVE-2016-6257 |
310 |
|
|
2016-08-02 |
2021-04-22 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
Partial |
None |
|
The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input into the system by leveraging proximity to the dongle, aka a "KeyJack injection attack." |
|
40 |
CVE-2016-6254 |
119 |
|
DoS Exec Code Overflow |
2016-08-19 |
2019-03-04 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet. |
|
41 |
CVE-2016-6232 |
22 |
|
Dir. Trav. |
2016-08-02 |
2016-11-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads. |
|
42 |
CVE-2016-6231 |
200 |
|
+Info |
2016-08-25 |
2018-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Kaspersky Safe Browser iOS before 1.7.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. |
|
43 |
CVE-2016-6214 |
125 |
|
DoS |
2016-08-12 |
2018-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file. |
|
44 |
CVE-2016-6207 |
119 |
|
DoS Overflow |
2016-08-12 |
2018-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors. |
|
45 |
CVE-2016-6198 |
284 |
|
DoS |
2016-08-06 |
2019-12-27 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related to fs/namei.c and fs/open.c. |
|
46 |
CVE-2016-6197 |
20 |
|
DoS |
2016-08-06 |
2019-12-27 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink. |
|
47 |
CVE-2016-6195 |
89 |
|
Exec Code Sql |
2016-08-30 |
2017-08-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin before 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote attackers to execute arbitrary SQL commands via the postids parameter to forumrunner/request.php, as exploited in the wild in July 2016. |
|
48 |
CVE-2016-6193 |
264 |
|
DoS Overflow +Priv |
2016-08-02 |
2016-08-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6192. |
|
49 |
CVE-2016-6192 |
264 |
|
DoS Overflow +Priv |
2016-08-02 |
2016-08-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6193. |
|
50 |
CVE-2016-6187 |
264 |
|
+Priv |
2016-08-06 |
2016-11-28 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook. |
