Exploit Intelligence Platform – 370K+ CVEs, Ranked Exploits & EPSS Scores

CVE-2016-7168 4.8 MEDIUM EPSS 0.01

Wordpress < 4.6 - XSS

Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename.

CWE-79 Jan 05, 2017

CVE-2016-10011 5.5 MEDIUM EPSS 0.00

OpenSSH <7.4 - Info Disclosure

authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CWE-320 Jan 05, 2017

CVE-2016-6595 6.5 MEDIUM EPSS 0.01

SwarmKit 1.12.0 - DoS

The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service (prevention of cluster joins) via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that is left by old nodes. At some point the manager obviously stops being able to accept new nodes, since it runs out of memory. Given that both for Docker swarm and for Docker Swarmkit nodes are *required* to provide a secret token (it's actually the only mode of operation), this means that no adversary can simply join nodes and exhaust manager resources. We can't do anything about a manager running out of memory and not being able to add new legitimate nodes to the system. This is merely a resource provisioning issue, and definitely not a CVE worthy vulnerability.

CWE-399 Jan 04, 2017

CVE-2016-10112 4.8 MEDIUM EPSS 0.00

WooCommerce <2.6.9 - XSS

Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.6.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML by providing crafted tax-rate table values in CSV format.

CWE-79 Jan 04, 2017

CVE-2016-5024 5.9 MEDIUM EPSS 0.02

F5 Big-ip Local Traffic Manager - Improper Input Validation

Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic.

CWE-20 Jan 03, 2017

CVE-2016-10106 6.5 MEDIUM EPSS 0.01

NETGEAR FVS336Gv3-FVS318N-SRX5308 - Path Traversal

Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, and SRX5308 devices with firmware before 4.3.3-8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the thispage parameter, as demonstrated by reading the /etc/shadow file.

CWE-22 Jan 03, 2017

CVE-2016-10100 5.3 MEDIUM EPSS 0.00

Borg <1.0.9 - Code Injection

Borg (aka BorgBackup) before 1.0.9 has a flaw in the way duplicate archive names were processed during manifest recovery, potentially allowing an attacker to overwrite an archive.

CWE-20 Jan 02, 2017

CVE-2016-10099 5.3 MEDIUM EPSS 0.01

Borg <1.0.9 - Info Disclosure

Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives.

CWE-310 Jan 02, 2017

CVE-2016-6859 4.3 MEDIUM EPSS 0.00

SAP Hybris - Information Disclosure

Hybris Management Console (HMC) in SAP Hybris before 6.0 allows remote attackers to obtain sensitive information by triggering an error and then reading a Java stack trace.

CWE-200 Dec 31, 2016

CVE-2016-6858 5.4 MEDIUM EPSS 0.00

SAP Hybris < 5.0.4.11 - XSS

Cross-site scripting (XSS) vulnerability in the Create Employee feature in Hybris Management Console (HMC) in SAP Hybris before 5.0.4.11, 5.1.0.x before 5.1.0.11, 5.1.1.x before 5.1.1.12, 5.2.0.x and 5.3.0.x before 5.3.0.10, 5.4.x before 5.4.0.9, 5.5.0.x before 5.5.0.9, 5.5.1.x before 5.5.1.10, 5.6.x before 5.6.0.8, and 5.7.x before 5.7.0.9 allows remote authenticated users to inject arbitrary web script or HTML via the Name field.

CWE-79 Dec 31, 2016

CVE-2016-6857 5.4 MEDIUM EPSS 0.00

SAP Hybris < 5.2.0.13 - XSS

Cross-site scripting (XSS) vulnerability in the Create Catalogue feature in Hybris Management Console (HMC) in SAP Hybris before 5.2.0.13, 5.3.x before 5.3.0.11, 5.4.x before 5.4.0.11, 5.5.0.x before 5.5.0.10, 5.5.1.x before 5.5.1.11, 5.6.x before 5.6.0.11, and 5.7.x before 5.7.0.15 allows remote authenticated users to inject arbitrary web script or HTML via the ID field.

CWE-79 Dec 31, 2016

CVE-2016-6856 6.1 MEDIUM EPSS 0.00

SAP Hybris < 5.6.0.10 - XSS

Cross-site scripting (XSS) vulnerability in the Inbox Search feature in Hybris Management Console (HMC) in SAP Hybris before 6.0 allows remote attackers to inject arbitrary web script or HTML via the itemsperpage parameter.

CWE-79 Dec 31, 2016

CVE-2016-10083 6.1 MEDIUM EPSS 0.00

Piwigo <2.8.3 - XSS

Cross-site scripting (XSS) vulnerability in admin/plugin.php in Piwigo through 2.8.3 allows remote attackers to inject arbitrary web script or HTML via a crafted filename that is mishandled in a certain error case.

CWE-79 Dec 30, 2016

CVE-2016-9916 6.5 MEDIUM EPSS 0.00

Qemu < 2.8.0 - Memory Leak

Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.

CWE-401 Dec 29, 2016

CVE-2016-9915 6.5 MEDIUM EPSS 0.00

Qemu < 2.7.1 - Memory Leak

Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the handle backend.

CWE-401 Dec 29, 2016

CVE-2016-9914 6.5 MEDIUM EPSS 0.00

Qemu < 2.7.1 - Memory Leak

Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in FileOperations.

CWE-401 Dec 29, 2016

CVE-2016-9913 6.5 MEDIUM EPSS 0.00

Qemu < 2.7.1 - Memory Leak

Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) via vectors involving the order of resource cleanup.

CWE-401 Dec 29, 2016

CVE-2016-9846 6.5 MEDIUM EPSS 0.00

Qemu < 2.7.1 - Memory Corruption

QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while updating the cursor data in update_cursor_data_virgl. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host.

CWE-119 Dec 29, 2016

CVE-2016-9845 6.5 MEDIUM EPSS 0.00

Qemu < 2.8.0 - Information Disclosure

QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET_INFO' command. A guest user/process could use this flaw to leak contents of the host memory bytes.

CWE-200 Dec 29, 2016

CVE-2016-9776 5.5 MEDIUM EPSS 0.00

Qemu < 2.7.1 - Infinite Loop

QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading to DoS.

CWE-835 Dec 29, 2016

CVE & Exploit Intelligence Database

Investigate

Ecosystems

Reference Indexes

Recent Blog Posts

CVEForge Labs

KEV Gaps