CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In 2016 (Gain Information) (CVSS score >= 6)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2016-9480 119 DoS Overflow +Info 2016-11-29 2016-12-22
6.4
None Remote Low Not required Partial None Partial
libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach, related to a "Heap Buffer Over-read" issue affecting the dwarf_util.c component, aka DW201611-006.
2 CVE-2016-7914 125 DoS +Info 2016-11-16 2018-01-05
7.1
None Remote Medium Not required Complete None None
The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite.
3 CVE-2016-7154 416 DoS Exec Code +Info 2016-09-21 2017-04-10
7.2
None Local Low Not required Complete Complete Complete
Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain sensitive information via an invalid guest frame number.
4 CVE-2016-6680 200 +Info 2016-10-10 2016-12-06
6.8
None Remote Medium Not required Partial Partial Partial
CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes an iw_set_priv ioctl call, aka Android internal bug 29982678 and Qualcomm internal bug CR 1048052.
5 CVE-2016-6535 798 +Info 2016-09-19 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote attackers to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session.
6 CVE-2016-6380 20 DoS Mem. Corr. +Info 2016-10-05 2020-09-29
8.3
None Remote Medium Not required Partial Partial Complete
The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (data corruption or device reload) via a crafted DNS response, aka Bug ID CSCup90532.
7 CVE-2016-6291 119 DoS Overflow Mem. Corr. +Info 2016-07-25 2018-01-05
7.5
None Remote Low Not required Partial Partial Partial
The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds array access and memory corruption), obtain sensitive information from process memory, or possibly have unspecified other impact via a crafted JPEG image.
8 CVE-2016-5722 200 +Info 2016-06-24 2016-09-29
7.5
None Remote Low Not required Partial Partial Partial
Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct replay attacks and obtain sensitive information by sniffing the network.
9 CVE-2016-5423 476 DoS Exec Code +Info 2016-12-09 2018-01-05
6.5
None Remote Low ??? Partial Partial Partial
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types.
10 CVE-2016-5392 200 +Info 2016-08-05 2016-08-05
6.8
None Remote Low ??? Complete None None
The API server in Kubernetes, as used in Red Hat OpenShift Enterprise 3.2, in a multi tenant environment allows remote authenticated users with knowledge of other project names to obtain sensitive project and user information via vectors related to the watch-cache list.
11 CVE-2016-5116 119 DoS Overflow +Info 2016-08-07 2018-10-30
6.4
None Remote Low Not required Partial None Partial
gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service (stack-based buffer under-read and application crash) via a long name.
12 CVE-2016-5114 119 DoS Overflow +Info 2016-08-07 2018-01-05
6.4
None Remote Low Not required Partial None Partial
sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and buffer overflow) via a long string, as demonstrated by a long URI in a configuration with custom REQUEST_URI logging.
13 CVE-2016-4913 200 +Info 2016-05-23 2019-12-27
7.2
None Local Low Not required Complete Complete Complete
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.
14 CVE-2016-4655 200 +Info 2016-08-25 2018-06-08
7.1
None Remote Medium Not required Complete None None
The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app.
15 CVE-2016-4641 20 Exec Code +Info 2016-07-22 2017-09-01
9.3
None Remote Medium Not required Complete Complete Complete
Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or obtain sensitive user information via a crafted app that leverages a "type confusion."
16 CVE-2016-4640 119 DoS Exec Code Overflow Mem. Corr. +Info 2016-07-22 2017-09-01
9.3
None Remote Medium Not required Complete Complete Complete
Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app.
17 CVE-2016-4521 200 +Info 2016-05-31 2016-06-01
10.0
None Remote Low Not required Complete Complete Complete
Sixnet BT-5xxx and BT-6xxx M2M devices before 3.8.21 and 3.9.x before 3.9.8 have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors.
18 CVE-2016-4376 254 +Info 2016-08-22 2021-06-22
7.8
None Remote Low Not required Complete None None
HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remote attackers to obtain sensitive information via unspecified vectors.
19 CVE-2016-4375 DoS +Info 2016-09-08 2016-11-28
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
20 CVE-2016-4371 352 +Info 2016-06-19 2016-12-16
6.0
None Remote Medium ??? Partial Partial Partial
HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components.
21 CVE-2016-4370 Exec Code +Info 2016-06-09 2020-04-29
6.5
None Remote Low ??? Partial Partial Partial
HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before 9.32.0002 allows remote authenticated users to execute arbitrary commands or obtain sensitive information via unspecified vectors.
22 CVE-2016-4366 DoS +Info 2016-06-08 2017-11-18
7.5
None Remote Low Not required Partial Partial Partial
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors.
23 CVE-2016-4357 +Info 2016-06-08 2016-08-23
7.5
None Remote Low ??? Partial Complete None
HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2028.
24 CVE-2016-4328 +Info 2016-06-10 2016-06-10
10.0
None Remote Low Not required Complete Complete Complete
MEDHOST Perioperative Information Management System (aka PIMS or VPIMS) before 2015R1 has hardcoded credentials, which makes it easier for remote attackers to obtain sensitive information via direct requests to the application database server.
25 CVE-2016-4018 284 +Priv +Info 2016-04-14 2018-12-10
7.5
None Remote Low Not required Partial Partial Partial
The Data Provisioning Agent (aka DP Agent) in SAP HANA does not properly restrict access to service functionality, which allows remote attackers to obtain sensitive information, gain privileges, and conduct unspecified other attacks via unspecified vectors, aka SAP Security Note 2262742.
26 CVE-2016-3994 119 DoS Overflow +Info 2016-05-13 2016-12-01
6.4
None Remote Low Not required Partial None Partial
The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.
27 CVE-2016-3989 264 +Info 2016-07-03 2017-09-03
8.5
None Remote Low ??? Complete Complete None
The NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allows remote authenticated users to obtain root privileges for writing to unspecified scripts, and consequently obtain sensitive information or modify data, by leveraging access to the nobody account.
28 CVE-2016-3988 119 DoS Overflow +Info 2016-07-03 2016-07-08
7.5
None Remote Low Not required Partial Partial Partial
Multiple stack-based buffer overflows in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via a crafted parameter in a POST request.
29 CVE-2016-3962 119 DoS Overflow +Info 2016-07-03 2017-09-03
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via a crafted parameter in a POST request.
30 CVE-2016-3765 200 DoS +Info 2016-07-11 2016-07-12
6.4
None Remote Low Not required Partial None Partial
decoder/impeg2d_bitstream.c in mediaserver in Android 6.x before 2016-07-01 allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted application, aka internal bug 28168413.
31 CVE-2016-3717 200 +Info 2016-05-05 2018-10-09
7.1
None Remote Medium Not required Complete None None
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
32 CVE-2016-3693 264 +Info 2016-05-20 2018-02-23
6.8
None Remote Medium Not required Partial Partial Partial
The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method.
33 CVE-2016-3651 200 +Info 2016-06-30 2017-09-01
6.0
None Remote Medium ??? Partial Partial Partial
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors.
34 CVE-2016-3185 20 DoS +Info 2016-05-16 2016-12-01
6.4
None Remote Low Not required Partial None Partial
The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c.
35 CVE-2016-3157 264 DoS +Priv +Info 2016-04-12 2016-12-03
7.2
None Local Low Not required Complete Complete Complete
The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel does not properly context-switch IOPL on 64-bit PV Xen guests, which allows local guest OS users to gain privileges, cause a denial of service (guest OS crash), or obtain sensitive information by leveraging I/O port access.
36 CVE-2016-3142 119 DoS Overflow +Info 2016-03-31 2018-01-05
6.4
None Remote Low Not required Partial None Partial
The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06 signature at an invalid location.
37 CVE-2016-3065 264 DoS Bypass +Info 2016-04-11 2016-04-14
8.5
None Remote Low Not required Partial None Complete
The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page.
38 CVE-2016-2937 200 +Info 2016-11-30 2016-12-06
6.4
None Remote Low Not required Partial Partial None
IBM BigFix Remote Control before 9.1.3 allows remote attackers to obtain sensitive information or spoof e-mail transmission via a crafted POST request, related to an "untrusted information vulnerability."
39 CVE-2016-2917 264 +Priv +Info 2016-11-30 2016-12-01
6.5
None Remote Low ??? Partial Partial Partial
The notifications component in IBM TRIRIGA Applications 10.4 and 10.5 before 10.5.1 allows remote authenticated users to obtain sensitive password information, and consequently gain privileges, via unspecified vectors.
40 CVE-2016-2558 119 DoS Overflow +Priv +Info 2016-04-12 2021-09-09
7.2
None Local Low Not required Complete Complete Complete
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or gain privileges via unspecified vectors related to an untrusted pointer, which trigger uninitialized or out-of-bounds memory access.
41 CVE-2016-2557 264 DoS +Priv +Info 2016-04-12 2021-09-09
7.2
None Local Low Not required Complete Complete Complete
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information from kernel memory, cause a denial of service (crash), or possibly gain privileges via unspecified vectors, which trigger uninitialized or out-of-bounds memory access.
42 CVE-2016-2419 264 Bypass +Info 2016-04-18 2016-04-25
10.0
None Remote Low Not required Complete Complete Complete
media/libmedia/IDrm.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize a certain key-request data structure, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26323455.
43 CVE-2016-2418 119 Overflow Bypass +Info 2016-04-18 2016-04-20
10.0
None Remote Low Not required Complete Complete Complete
media/libmedia/IOMX.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize certain metadata buffer pointers, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26324358.
44 CVE-2016-2417 264 Bypass +Info 2016-04-18 2017-09-08
10.0
None Remote Low Not required Complete Complete Complete
media/libmedia/IOMX.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a parameter data structure, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26914474.
45 CVE-2016-2416 264 Bypass +Info 2016-04-18 2016-04-25
10.0
None Remote Low Not required Complete Complete Complete
libs/gui/BufferQueueConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for the android.permission.DUMP permission, which allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via a dump request, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27046057.
46 CVE-2016-2415 200 +Info 2016-04-18 2016-04-21
7.1
None Remote Medium Not required Complete None None
exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that triggers a spoofed response to a GET request, aka internal bug 26488455.
47 CVE-2016-2343 +Info 2016-04-01 2016-04-04
10.0
None Remote Low Not required Complete Complete Complete
Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remote attackers to obtain sensitive Dental.DB patient information via SQL statements.
48 CVE-2016-2308 +Info 2016-10-05 2016-10-05
7.5
None Remote Low Not required Partial Partial Partial
American Auto-Matrix Aspect-Nexus Building Automation Front-End Solutions application before 3.0.0 and Aspect-Matrix Building Automation Front-End Solutions application store passwords in cleartext, which allows remote attackers to obtain sensitive information by reading a file.
49 CVE-2016-2306 310 +Info 2016-04-22 2016-04-27
7.8
None Remote Low Not required Complete None None
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network.
50 CVE-2016-2298 200 +Info 2016-05-14 2016-11-30
10.0
None Remote Low Not required Complete Complete Complete
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain sensitive cleartext information via unspecified vectors.
Total number of vulnerabilities: 107 (this is page 1 of 3)