Exploit Intelligence Platform – 370K+ CVEs, Ranked Exploits & EPSS Scores

CVE-2016-4789 6.1 MEDIUM EPSS 0.00

Ivanti Connect Secure - XSS

Cross-site scripting (XSS) vulnerability in the system configuration section in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 May 26, 2016

CVE-2016-4788 5.8 MEDIUM EPSS 0.00

Pulse Connect Secure <8.2r1-7.4r13.4 - Info Disclosure

Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read an unspecified system file via unknown vectors.

May 26, 2016

CVE-2016-2784 4.7 MEDIUM 1 PoC Analysis EPSS 0.06

Cmsmadesimple Cms Made Simple - XSS

CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty Cache is activated, allow remote attackers to conduct cache poisoning attacks, modify links, and conduct cross-site scripting (XSS) attacks via a crafted HTTP Host header in a request.

CWE-79 May 26, 2016

CVE-2016-4575 6.1 MEDIUM EPSS 0.00

Huawei Ath Firmware - XSS

Cross-site scripting (XSS) vulnerability in the email APP in Huawei PLK smartphones with software AL10C00 before AL10C00B211 and AL10C92 before AL10C92B211; ATH smartphones with software AL00C00 before AL00C00B361, CL00C92 before CL00C92B361, TL00HC01 before TL00HC01B361, and UL00C00 before UL00C00B361; CherryPlus smartphones with software TL00C00 before TL00C00B553, UL00C00 before UL00C00B553, and TL00MC01 before TL00MC01B553; and RIO smartphones with software AL00C00 before AL00C00B360 allows remote attackers to inject arbitrary web script or HTML via an email message.

CWE-79 May 25, 2016

CVE-2016-4020 6.5 MEDIUM EPSS 0.00

QEMU - Info Disclosure

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).

May 25, 2016

CVE-2014-3672 6.5 MEDIUM EPSS 0.00

Redhat Libvirt < 1.2.21 - Denial of Service

The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr.

CWE-400 May 25, 2016

CVE-2016-0264 5.6 MEDIUM EPSS 0.13

IBM SDK, Java Technology Edition <6.0.16.25-8.0.3.0 - RCE

Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors.

CWE-119 May 24, 2016

CVE-2016-4783 6.1 MEDIUM EPSS 0.00

Lenovo Shareit - XSS

Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."

CWE-79 May 23, 2016

CVE-2016-4037 6.0 MEDIUM EPSS 0.00

QEMU - DoS

The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.

CWE-400 May 23, 2016

CVE-2015-8558 5.5 MEDIUM EPSS 0.00

QEMU - DoS

The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list.

CWE-835 May 23, 2016

CVE-2016-4581 5.5 MEDIUM EPSS 0.00

Canonical Ubuntu Linux < 4.5.3 - Denial of Service

fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mount system calls.

May 23, 2016

CVE-2016-4578 5.5 MEDIUM 1 PoC Analysis EPSS 0.00

Linux Kernel < 4.6 - Information Disclosure

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.

CWE-200 May 23, 2016

CVE-2016-4569 5.5 MEDIUM EPSS 0.00

Linux Kernel < 4.6 - Information Disclosure

The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.

CWE-200 May 23, 2016

CVE-2016-4482 6.2 MEDIUM EPSS 0.00

Canonical Ubuntu Linux < 4.6 - Information Disclosure

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.

CWE-200 May 23, 2016

CVE-2016-2190 5.3 MEDIUM EPSS 0.00

Moodle < 2.6.11 - Access Control

Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log.

CWE-264 May 22, 2016

CVE-2016-2159 4.3 MEDIUM EPSS 0.00

Moodle < 2.6.11 - Improper Access Control

The save_submission function in mod/assign/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allows remote authenticated users to bypass intended due-date restrictions by leveraging the student role for a web-service request.

CWE-284 May 22, 2016

CVE-2016-2158 4.3 MEDIUM EPSS 0.00

Moodle < 2.6.11 - Information Disclosure

lib/ajax/getnavbranch.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3, when the forcelogin feature is enabled, allows remote attackers to obtain sensitive category-detail information from the navigation branch by leveraging the guest role for an Ajax request.

CWE-200 May 22, 2016

CVE-2016-2156 4.3 MEDIUM EPSS 0.00

Moodle < 2.6.11 - Information Disclosure

calendar/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 provides calendar-event data without considering whether an activity is hidden, which allows remote authenticated users to obtain sensitive information via a web-service request.

CWE-200 May 22, 2016

CVE-2016-2155 4.3 MEDIUM EPSS 0.00

Moodle < 2.8.11 - Access Control

The grade-reporting feature in Singleview (aka Single View) in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/grade:manage capability, which allows remote authenticated users to modify "Exclude grade" settings by leveraging the Non-Editing Instructor role.

CWE-264 May 22, 2016

CVE-2016-2154 4.3 MEDIUM EPSS 0.00

Moodle < 2.8.11 - Information Disclosure

admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to discover hidden course names by subscribing to a rule.

CWE-200 May 22, 2016

CVE & Exploit Intelligence Database

Investigate

Ecosystems

Reference Indexes

Recent Blog Posts

CVEForge Labs

KEV Gaps