CVE & Exploit Intelligence Database

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

338,263 CVEs tracked; 53,300 with exploits; 4,731 exploited in wild; 1,542 CISA KEV; 3,930 Nuclei templates; 48,906 vendors; 42,593 researchers
110,849 results
CVE-2016-5160 6.5 MEDIUM 1 PoC Analysis EPSS 0.01
Opensuse Leap < 52.0.2743.116 - Security Feature Bypass
The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json web_accessible_resources field for restrictions on IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks, and trick users into changing extension settings, via a crafted web site, a different vulnerability than CVE-2016-5162.
CWE-254 Sep 11, 2016
CVE-2016-5155 6.5 MEDIUM EPSS 0.01
Google Chrome < 52.0.2743.116 - Security Feature Bypass
Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly validate access to the initial document, which allows remote attackers to spoof the address bar via a crafted web site.
CWE-254 Sep 11, 2016
CVE-2016-5148 6.1 MEDIUM EPSS 0.01
Google Chrome < 52.0.2743.116 - XSS
Cross-site scripting (XSS) vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML via vectors related to widget updates, aka "Universal XSS (UXSS)."
CWE-79 Sep 11, 2016
CVE-2016-5147 6.1 MEDIUM EPSS 0.01
Google Chrome < 52.0.2743.116 - XSS
Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles deferred page loads, which allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)."
CWE-79 Sep 11, 2016
CVE-2016-6212 5.3 MEDIUM EPSS 0.01
Drupal <7.3.14, <8.1.3 - Auth Bypass
The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.
CWE-200 Sep 09, 2016
CVE-2016-1280 6.5 MEDIUM EPSS 0.00
Juniper Junos OS < various - Auth Bypass
PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D20, 13.3 before 13.3R10, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R7, 15.1 before 15.1R4, 15.1X49 before 15.1X49-D20, 15.1X53 before 15.1X53-D60, and 16.1 before 16.1R1 allows remote attackers to bypass an intended certificate validation mechanism via a self-signed certificate with an Issuer name that matches a valid CA certificate enrolled in Junos.
CWE-297 Sep 09, 2016
CVE-2016-1277 5.9 MEDIUM EPSS 0.01
Juniper Junos OS < - DoS
Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D40, 12.3X48 before 12.3X48-D30, 13.3 before 13.3R9, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R6, 15.1 before 15.1F6 or 15.1R3, and 15.1X49 before 15.1X49-D40, when configured with a GRE or IPIP tunnel, allows remote attackers to cause a denial of service (kernel panic) via a crafted ICMP packet.
CWE-20 Sep 09, 2016
CVE-2016-1275 6.5 MEDIUM EPSS 0.00
Juniper Junos OS <13.3R9-14.1R7 - Info Disclosure
Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 before 14.1R7, when configured with VPLS routing-instances, allows remote attackers to obtain sensitive mbuf information by injecting a flood of Ethernet frames with IPv6 MAC addresses directly into a connected interface.
CWE-399 Sep 09, 2016
CVE-2016-7180 5.9 MEDIUM EPSS 0.01
Debian Linux - Use After Free
epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
CWE-416 Sep 09, 2016
CVE-2016-7179 5.9 MEDIUM EPSS 0.01
Debian Linux - Memory Corruption
Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CWE-119 Sep 09, 2016
CVE-2016-7178 5.9 MEDIUM EPSS 0.01
Wireshark - Out-of-Bounds Write
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet.
CWE-787 Sep 09, 2016
CVE-2016-7177 5.9 MEDIUM EPSS 0.01
Debian Linux - Memory Corruption
epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.
CWE-119 Sep 09, 2016
CVE-2016-7176 5.9 MEDIUM EPSS 0.01
Wireshark - Memory Corruption
epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark 2.x before 2.0.6 calls snprintf with one of its input buffers as the output buffer, which allows remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet.
CWE-119 Sep 09, 2016
CVE-2016-7175 5.9 MEDIUM EPSS 0.00
Wireshark - Out-of-Bounds Read
epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
CWE-125 Sep 09, 2016
CVE-2016-4381 4.5 MEDIUM EPSS 0.00
HPE XP7 CVAE Suite <8.4.1-02 - Privilege Escalation
HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x before 8.4.1-02, when Replication Manager (RepMgr) and Device Manager (DevMgr) are enabled, allows local users to bypass intended access restrictions via unspecified vectors.
CWE-264 Sep 08, 2016
CVE-2016-4380 5.4 MEDIUM EPSS 0.00
HPE Operations Manager <9.21.130 - XSS
Cross-site scripting (XSS) vulnerability in the AdminUI in HPE Operations Manager 9.21.x before 9.21.130 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CWE-79 Sep 08, 2016
CVE-2016-5404 6.5 MEDIUM EPSS 0.01
Freeipa - Improper Access Control
The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission.
CWE-284 Sep 07, 2016
CVE-2016-7108 6.5 MEDIUM EPSS 0.00
Huawei Uma < v200r001c00spc200 - Information Disclosure
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote authenticated users to obtain the MD5 hashes of arbitrary user passwords via unspecified vectors.
CWE-200 Sep 07, 2016
CVE-2016-6900 5.5 MEDIUM EPSS 0.00
Huawei Rh1288 V3 Server Firmware - Resource Management Error
The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613; RH2288 V3 servers with software before V100R003C00SPC617; RH2288H V3 servers with software before V100R003C00SPC515; RH5885 V3 servers with software before V100R003C10SPC102; and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 allows local users to cause a denial of service (iBMC resource consumption) via unspecified vectors.
CWE-399 Sep 07, 2016
CVE-2016-6898 6.6 MEDIUM EPSS 0.00
Huawei E9000 Chassis < v100r001c00 - Improper Access Control
XML external entity (XXE) vulnerability in the Hyper Management Module (HMM) in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary files or cause a denial of service (web service outage) via a crafted XML document.
CWE-284 Sep 07, 2016