CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In September 2016 (Gain Information)

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-7420 200 +Info 2016-09-16 2016-11-28
4.3
None Remote Medium Not required Partial None None
Crypto++ (aka cryptopp) through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory after an assertion failure, as demonstrated by reading a core dump.
2 CVE-2016-7154 416 DoS Exec Code +Info 2016-09-21 2017-04-10
7.2
None Local Low Not required Complete Complete Complete
Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain sensitive information via an invalid guest frame number.
3 CVE-2016-7153 200 +Info 2016-09-06 2017-02-19
5.0
None Remote Low Not required Partial None None
The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.
4 CVE-2016-7152 200 +Info 2016-09-06 2017-02-19
5.0
None Remote Low Not required Partial None None
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.
5 CVE-2016-7128 200 +Info 2016-09-12 2018-01-05
5.0
None Remote Low Not required Partial None None
The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.
6 CVE-2016-7108 200 +Info 2016-09-07 2016-09-08
4.0
None Remote Low ??? Partial None None
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote authenticated users to obtain the MD5 hashes of arbitrary user passwords via unspecified vectors.
7 CVE-2016-7090 200 +Info 2016-09-29 2016-11-28
4.3
None Remote Medium Not required Partial None None
The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
8 CVE-2016-6936 200 +Info 2016-09-16 2017-08-13
5.0
None Remote Low Not required Partial None None
Adobe AIR SDK & Compiler before 23.0.0.257 on Windows does not support Android runtime-analytics transport security, which might allow remote attackers to obtain sensitive information by leveraging access to a network over which analytics data is sent.
9 CVE-2016-6899 310 +Info 2016-09-07 2016-09-08
4.3
None Remote Medium Not required Partial None None
The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, RH2288H V3 servers with software before V100R003C00SPC515, RH5885 V3 servers with software before V100R003C10SPC102, and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by leveraging selection of an insecure SSL encryption algorithm.
10 CVE-2016-6838 310 +Info 2016-09-07 2016-09-09
4.3
None Remote Medium Not required Partial None None
Huawei X6800 and XH620 V3 servers with software before V100R003C00SPC606, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, CH140 V3 and CH226 V3 servers with software before V100R001C00SPC122, CH220 V3 servers with software before V100R001C00SPC201, and CH121 V3 and CH222 V3 servers with software before V100R001C00SPC202 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by leveraging selection of an insecure SSH encryption algorithm.
11 CVE-2016-6827 200 +Info 2016-09-26 2019-10-09
4.0
None Remote Low ??? Partial None None
Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
12 CVE-2016-6670 200 +Info 2016-09-07 2016-09-08
5.0
None Remote Low Not required Partial None None
Huawei S7700, S9300, S9700, and S12700 devices with software before V200R008C00SPC500 use random numbers with insufficient entropy to generate self-signed certificates, which makes it easier for remote attackers to discover private keys by leveraging knowledge of a certificate.
13 CVE-2016-6639 254 +Info 2016-09-18 2021-09-09
5.0
None Remote Low Not required Partial None None
Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and other products, place the .profile file in the htdocs directory, which might allow remote attackers to obtain sensitive information via an HTTP GET request for this file.
14 CVE-2016-6537 200 +Info 2016-09-19 2016-11-28
5.0
None Remote Low Not required Partial None None
AVer Information EH6108H+ devices with firmware X9.03.24.00.07l store passwords in a cleartext base64 format and require cleartext credentials in HTTP Cookie headers, which allows context-dependent attackers to obtain sensitive information by reading these strings.
15 CVE-2016-6535 798 +Info 2016-09-19 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote attackers to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session.
16 CVE-2016-6415 200 +Info 2016-09-19 2020-06-03
5.0
None Remote Low Not required Partial None None
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.
17 CVE-2016-6398 200 +Info 2016-09-12 2016-11-28
5.0
None Remote Low Not required Partial None None
The PPTP server in Cisco IOS 15.5(3)M does not properly initialize packet buffers, which allows remote attackers to obtain sensitive information from earlier network communication by reading packet data, aka Bug ID CSCvb16274.
18 CVE-2016-6345 200 +Info 2016-09-07 2016-09-08
4.0
None Remote Low ??? Partial None None
RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs.
19 CVE-2016-6344 200 +Info 2016-09-07 2018-01-05
5.0
None Remote Low Not required Partial None None
Red Hat JBoss BPM Suite 6.3.x does not include the HTTPOnly flag in a Set-Cookie header for session cookies, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies.
20 CVE-2016-6298 200 +Info 2016-09-01 2016-11-28
4.3
None Remote Medium Not required Partial None None
The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA).
21 CVE-2016-6262 125 +Info 2016-09-07 2021-06-29
5.0
None Remote Low Not required Partial None None
idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948.
22 CVE-2016-6212 200 Bypass +Info 2016-09-09 2016-11-28
5.0
None Remote Low Not required Partial None None
The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.
23 CVE-2016-6153 20 DoS +Info 2016-09-26 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.
24 CVE-2016-6146 200 +Info 2016-09-27 2016-09-28
5.0
None Remote Low Not required Partial None None
The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226.
25 CVE-2016-5976 200 +Info 2016-09-26 2016-11-28
2.6
None Remote High Not required Partial None None
The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 allows remote authenticated users to discover component passwords via unspecified vectors.
26 CVE-2016-5972 200 +Info 2016-09-26 2016-11-28
4.9
None Remote Medium ??? Partial Partial None
IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 uses weak permissions for unspecified resources, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
27 CVE-2016-5971 200 DoS +Info 2016-09-26 2016-11-28
5.5
None Remote Low ??? Partial None Partial
IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
28 CVE-2016-5957 310 +Info 2016-09-26 2016-11-28
5.0
None Remote Low Not required Partial None None
IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive information by leveraging a weak algorithm.
29 CVE-2016-5946 200 Dir. Trav. +Info 2016-09-26 2016-11-28
4.0
None Remote Low ??? Partial None None
Directory traversal vulnerability in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.
30 CVE-2016-5927 200 +Info 2016-09-12 2016-11-28
2.1
None Local Low Not required Partial None None
IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output.
31 CVE-2016-5746 +Info 2016-09-26 2018-10-30
1.2
None Local High Not required Partial None None
libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.
32 CVE-2016-5429 200 +Info 2016-09-03 2019-12-19
4.3
None Remote Medium Not required Partial None None
jose-php before 2.2.1 does not use constant-time operations for HMAC comparison, which makes it easier for remote attackers to obtain sensitive information via a timing attack, related to JWE.php and JWS.php.
33 CVE-2016-5282 200 +Info 2016-09-22 2017-07-30
4.3
None Remote Medium Not required Partial None None
Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource.
34 CVE-2016-5279 200 +Info 2016-09-22 2017-07-30
4.3
None Remote Medium Not required Partial None None
Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.
35 CVE-2016-5172 200 +Info 2016-09-25 2018-01-05
4.3
None Remote Medium Not required Partial None None
The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code.
36 CVE-2016-5166 200 +Info 2016-09-11 2018-10-30
2.6
None Remote High Not required Partial None None
The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and conduct SMB relay attacks via a crafted web page that is accessed with the "Save page as" menu choice.
37 CVE-2016-4968 200 +Info 2016-09-21 2016-09-21
4.0
None Remote Low ??? Partial None None
The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to discover administrator cookies via a GET request.
38 CVE-2016-4967 200 +Info 2016-09-21 2016-09-21
4.0
None Remote Low ??? Partial None None
Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to obtain sensitive information from (1) a backup of the device configuration via script/cfg_show.php or (2) PCAP files via script/system/tcpdump.php.
39 CVE-2016-4776 125 DoS +Info 2016-09-25 2019-03-13
5.8
None Remote Medium Not required Partial None Partial
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4774.
40 CVE-2016-4774 125 DoS +Info 2016-09-25 2019-03-13
5.8
None Remote Medium Not required Partial None Partial
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4776.
41 CVE-2016-4773 125 DoS +Info 2016-09-25 2019-03-13
5.8
None Remote Medium Not required Partial None Partial
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4774 and CVE-2016-4776.
42 CVE-2016-4771 200 Bypass +Info 2016-09-25 2017-07-30
4.3
None Remote Medium Not required Partial None None
The kernel in Apple iOS before 10 and OS X before 10.12 allows local users to bypass intended file-access restrictions via a crafted directory pathname.
43 CVE-2016-4763 310 +Info 2016-09-25 2017-07-30
4.9
None Remote Medium ??? Partial Partial None
WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
44 CVE-2016-4758 200 +Info 2016-09-25 2017-07-30
4.3
None Remote Medium Not required Partial None None
WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly restrict access to the location variable, which allows remote attackers to obtain sensitive information via a crafted web site.
45 CVE-2016-4755 200 +Info 2016-09-25 2017-07-30
2.1
None Local Low Not required Partial None None
Terminal in Apple OS X before 10.12 uses weak permissions for the .bash_history and .bash_session files, which allows local users to obtain sensitive information via unspecified vectors.
46 CVE-2016-4752 200 +Info 2016-09-25 2017-07-30
4.3
None Remote Medium Not required Partial None None
The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does not use the CF_RETURNS_RETAINED keyword, which allows attackers to obtain sensitive information from process memory by triggering key derivation.
47 CVE-2016-4749 200 +Info 2016-09-18 2017-08-13
2.1
None Local Low Not required Partial None None
Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file.
48 CVE-2016-4747 200 +Info 2016-09-18 2017-08-13
4.3
None Remote Medium Not required Partial None None
Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors.
49 CVE-2016-4746 200 +Info 2016-09-18 2017-08-13
5.0
None Remote Low Not required Partial None None
The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging an unintended correction.
50 CVE-2016-4745 200 +Info 2016-09-25 2017-07-30
5.0
None Remote Low Not required Partial None None
The Kerberos 5 (aka krb5) PAM module in Apple OS X before 10.12 does not use constant-time operations for determining username validity, which makes it easier for remote attackers to enumerate user accounts via a timing side-channel attack.
Total number of vulnerabilities: 99. Page 1 of 2.
CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.