Exploit Intelligence Platform – 370K+ CVEs, Ranked Exploits & EPSS Scores

CVE-2015-8551 6.0 MEDIUM EPSS 0.00

Xen - DoS

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks."

CWE-476 Apr 13, 2016

CVE-2015-7555 5.5 MEDIUM EPSS 0.00

giflib 5.1.1 - Buffer Overflow

Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file.

CWE-119 Apr 13, 2016

CVE-2015-0861 4.3 MEDIUM EPSS 0.00

Trytond < 3.2.10 - Access Control

model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3.8.x before 3.8.1 allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields via a sequence of records.

CWE-264 Apr 13, 2016

CVE-2016-2116 5.7 MEDIUM EPSS 0.07

Canonical Ubuntu Linux < 1.900.1 - Resource Management Error

Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.

CWE-399 Apr 13, 2016

CVE-2016-1496 5.5 MEDIUM EPSS 0.00

Huawei P8 - DoS

The graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 allows attackers to cause a denial of service (system crash) via a crafted application, aka a "semaphore deadlock issue."

CWE-399 Apr 13, 2016

CVE-2015-8682 6.1 MEDIUM EPSS 0.00

Huawei Mate S Firmware < crr-cl00c92b153 - Improper Input Validation

The Video0 driver in Huawei P8 smartphones with software GRA-UL00 before GRA-UL00C00B350, GRA-UL10 before GRA-UL10C00B350, GRA-TL00 before GRA-TL00C01B350, GRA-CL00 before GRA-CL00C92B350, and GRA-CL10 before GRA-CL10C92B350 and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to obtain sensitive information from stack memory or cause a denial of service (system crash) via a crafted application, which triggers an invalid memory access.

CWE-20 Apr 13, 2016

CVE-2014-6276 4.3 MEDIUM EPSS 0.00

Roundup <1.5.1 - Info Disclosure

schema.py in Roundup before 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing user details.

CWE-264 Apr 13, 2016

CVE-2016-1377 6.1 MEDIUM EPSS 0.00

Cisco Unity Connection <11.0 - XSS

Cross-site scripting (XSS) vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776.

CWE-79 Apr 12, 2016

CVE-2016-1376 5.3 MEDIUM EPSS 0.00

Cisco IOS XR <5.3.1 - DoS

Cisco IOS XR 4.2.3, 4.3.0, 4.3.4, and 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (CRC and symbol errors, and interface flap) via crafted bit patterns in packets, aka Bug ID CSCuv78548.

CWE-20 Apr 12, 2016

CVE-2016-0887 5.9 MEDIUM EPSS 0.01

EMC RSA BSAFE - Info Disclosure

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before 6.2.1, and RSA BSAFE SSL-C before 2.8.9 allow remote attackers to discover a private-key prime by conducting a Lenstra side-channel attack that leverages an application's failure to detect an RSA signature failure during a TLS session.

CWE-200 Apr 12, 2016

CVE-2016-0162 4.3 MEDIUM KEV EPSS 0.38

Microsoft Internet Explorer - Information Disclosure

Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."

Apr 12, 2016

CVE-2016-0161 6.5 MEDIUM EPSS 0.24

Microsoft Edge - Security Feature Bypass

Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158.

CWE-254 Apr 12, 2016

CVE-2016-0158 6.5 MEDIUM EPSS 0.19

Microsoft Edge - Security Feature Bypass

Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0161.

CWE-254 Apr 12, 2016

CVE-2016-0128 6.8 MEDIUM EPSS 0.60

Microsoft Windows 10 - Security Feature Bypass

The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "Windows SAM and LSAD Downgrade Vulnerability" or "BADLOCK."

CWE-254 Apr 12, 2016

CVE-2016-4004 4.9 MEDIUM 2 PoCs Analysis EPSS 0.12

Dell OMSA 8.2 - Path Traversal

Directory traversal vulnerability in Dell OpenManage Server Administrator (OMSA) 8.2 allows remote authenticated administrators to read arbitrary files via a ..\ (dot dot backslash) in the file parameter to ViewFile.

CWE-22 Apr 12, 2016

CVE-2015-7520 6.1 MEDIUM EPSS 0.01

Apache Wicket <1.5.15, <6.22.0, <7.2.0 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in the (1) RadioGroup and (2) CheckBoxMultipleChoice classes in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 allow remote attackers to inject arbitrary web script or HTML via a crafted "value" attribute in a <input> element.

CWE-79 Apr 12, 2016

CVE-2015-5347 6.1 MEDIUM 1 PoC Analysis EPSS 0.02

Apache Wicket <7.2.0 - XSS

Cross-site scripting (XSS) vulnerability in the getWindowOpenJavaScript function in org.apache.wicket.extensions.ajax.markup.html.modal.ModalWindow in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 might allow remote attackers to inject arbitrary web script or HTML via a ModalWindow title.

CWE-79 Apr 12, 2016

CVE-2016-4003 6.1 MEDIUM EPSS 0.02

JRE <1.8 - XSS

Cross-site scripting (XSS) vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows remote attackers to inject arbitrary web script or HTML via multi-byte characters in a url-encoded parameter.

CWE-79 Apr 12, 2016

CVE-2016-2162 6.1 MEDIUM EPSS 0.01

Apache Struts < 2.3.28 - XSS

Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale object constructed by I18NInterceptor, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors involving language display.

CWE-79 Apr 12, 2016

CVE-2016-3170 5.3 MEDIUM EPSS 0.00

Debian Linux < 7.43 - Information Disclosure

The "have you forgotten your password" links in the User module in Drupal 7.x before 7.43 and 8.x before 8.0.4 allow remote attackers to obtain sensitive username information by leveraging a configuration that permits using an email address to login and a module that permits logging in.

CWE-200 Apr 12, 2016

CVE & Exploit Intelligence Database

Investigate

Ecosystems

Reference Indexes

Recent Blog Posts

CVEForge Labs

KEV Gaps