CVE & Exploit Intelligence Database

CVE-2016-4491 5.5 MEDIUM EPSS 0.01

The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once."

CWE-119 Feb 24, 2017

CVE-2016-4490 5.5 MEDIUM EPSS 0.01

Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths.

CWE-190 Feb 24, 2017

CVE-2016-4489 5.5 MEDIUM EPSS 0.00

Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables."

CWE-190 Feb 24, 2017

CVE-2016-4488 5.5 MEDIUM EPSS 0.00

Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec."

CWE-416 Feb 24, 2017

CVE-2016-4487 5.5 MEDIUM EPSS 0.00

Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec."

CWE-416 Feb 24, 2017

CVE-2016-4043 4.9 MEDIUM EPSS 0.00

Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1 allows remote authenticated users to bypass Restricted Python by leveraging permissions to create or edit templates.

CWE-264 Feb 24, 2017

CVE-2016-4042 5.3 MEDIUM EPSS 0.00

Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors.

CWE-200 Feb 24, 2017

CVE-2017-6299 5.5 MEDIUM EPSS 0.00

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c."

CWE-835 Feb 24, 2017

CVE-2017-6197 5.5 MEDIUM 1 Writeup EPSS 0.00

The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by the r_read_le32 function.

CWE-476 Feb 24, 2017

CVE-2017-6099 6.1 MEDIUM EPSS 0.00

Cross-site scripting (XSS) vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK (aka merchant-sdk-php) 3.9.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter.

CWE-79 Feb 24, 2017

CVE-2017-6076 5.5 MEDIUM EPSS 0.00

In versions of wolfSSL before 3.10.2 the function fp_mul_comba makes it easier to extract RSA key information for a malicious user who has access to view cache on a machine.

CWE-200 Feb 24, 2017

CVE-2014-9916 6.1 MEDIUM 1 PoC Analysis EPSS 0.00

Multiple cross-site scripting (XSS) vulnerabilities in Bilboplanet 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) tribe_name or (2) tags parameter in a tribes page request to user/ or the (3) user_id or (4) fullname parameter to signup.php.

CWE-79 Feb 24, 2017

CVE-2016-6055 5.4 MEDIUM EPSS 0.00

IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515.

CWE-79 Feb 23, 2017

CVE-2016-5883 6.1 MEDIUM EPSS 0.00

IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997010.

CWE-79 Feb 23, 2017

CVE-2017-6188 5.5 MEDIUM EPSS 0.00

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user.

CWE-20 Feb 22, 2017

CVE-2016-8986 6.5 MEDIUM EPSS 0.00

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648.

CWE-284 Feb 22, 2017

CVE-2016-8915 6.5 MEDIUM EPSS 0.00

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649.

CWE-284 Feb 22, 2017

CVE-2016-3052 5.9 MEDIUM EPSS 0.00

Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques.

CWE-200 Feb 22, 2017

CVE-2016-3013 6.5 MEDIUM EPSS 0.01

IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661.

CWE-19 Feb 22, 2017

CVE-2016-9910 6.1 MEDIUM 1 Writeup EPSS 0.00

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909.

CWE-79 Feb 22, 2017