Latest CVE Feed
-
9.8
CRITICALCVE-2016-0917
The SMB service in EMC VNXe (VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638), VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Celerra (all supported versions) does n... Read more
Affected Products : vnx1_oe_firmware vnx2_oe_firmware vnxe_oe_firmware vnx5200 vnx5400 vnx5600 vnx5800 vnxe1600 vnxe3100 vnxe3150 +3 more products- EPSS Score: %4.13
- Published: Sep. 21, 2016
- Modified: Apr. 12, 2025
-
7.2
HIGHCVE-2016-0905
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command.... Read more
Affected Products : avamar_server- EPSS Score: %0.21
- Published: Sep. 21, 2016
- Modified: Apr. 12, 2025
-
8.6
HIGHCVE-2016-0904
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms and obtain se... Read more
Affected Products : avamar_server- EPSS Score: %0.31
- Published: Sep. 21, 2016
- Modified: Apr. 12, 2025
-
9.1
CRITICALCVE-2016-0903
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data via a modified client agent.... Read more
Affected Products : avamar_server- EPSS Score: %0.63
- Published: Sep. 21, 2016
- Modified: Apr. 12, 2025
-
8.1
HIGHCVE-2015-8960
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client sec... Read more
Affected Products : firefox solidfire_\&_hci_management_node internet_explorer data_ontap_edge chrome oncommand_shift plug-in_for_symantec_netbackup snapmanager opera_browser safari +8 more products- EPSS Score: %0.36
- Published: Sep. 21, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2016-6802
Apache Shiro before 1.3.2 allows attackers to bypass intended servlet filters and gain access by leveraging use of a non-root servlet context path.... Read more
Affected Products : shiro- EPSS Score: %9.91
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-6662
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local us... Read more
- EPSS Score: %89.17
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2015-8934
The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.... Read more
- EPSS Score: %2.41
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2015-8933
Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.... Read more
- EPSS Score: %0.31
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2015-8932
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.... Read more
- EPSS Score: %0.63
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
7.8
HIGHCVE-2015-8931
Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined be... Read more
- EPSS Score: %0.30
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2015-8930
bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.... Read more
- EPSS Score: %4.80
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2015-8929
Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.... Read more
- EPSS Score: %0.27
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2015-8928
The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.... Read more
- EPSS Score: %0.30
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2015-8927
The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted zip file, related to reading the password.... Read more
Affected Products : libarchive- EPSS Score: %0.22
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2015-8926
The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.... Read more
- EPSS Score: %0.41
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2015-8925
The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.... Read more
- EPSS Score: %0.51
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2015-8924
The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file.... Read more
- EPSS Score: %0.33
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
6.5
MEDIUMCVE-2015-8923
The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file.... Read more
- EPSS Score: %2.19
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2015-8922
The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct.... Read more
- EPSS Score: %0.37
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025