Latest CVE Feed
-
7.5
HIGHCVE-2016-6876
The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager +4 more products- EPSS Score: %0.89
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
6.1
MEDIUMCVE-2016-6839
CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.... Read more
Affected Products : fusionaccess- EPSS Score: %0.15
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2016-6838
Huawei X6800 and XH620 V3 servers with software before V100R003C00SPC606, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, CH140 V3 and CH226 V3 servers with software before V100R001C00SPC... Read more
- EPSS Score: %0.12
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
9.8
CRITICALCVE-2016-6825
Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, and RH2288H V3 servers with software before V100R00... Read more
- EPSS Score: %0.37
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
5.3
MEDIUMCVE-2016-6670
Huawei S7700, S9300, S9700, and S12700 devices with software before V200R008C00SPC500 use random numbers with insufficient entropy to generate self-signed certificates, which makes it easier for remote attackers to discover private keys by leveraging know... Read more
- EPSS Score: %0.14
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
7.8
HIGHCVE-2016-6318
Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.... Read more
- EPSS Score: %3.52
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2016-6317
Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions ... Read more
- EPSS Score: %0.38
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
6.1
MEDIUMCVE-2016-6316
Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as "HTML safe" and used as attri... Read more
- EPSS Score: %2.19
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
7.0
HIGHCVE-2016-6184
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges ... Read more
- EPSS Score: %0.05
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
7.0
HIGHCVE-2016-6183
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges ... Read more
- EPSS Score: %0.05
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-6182
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges ... Read more
- EPSS Score: %0.10
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
7.0
HIGHCVE-2016-6181
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges ... Read more
- EPSS Score: %0.05
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
7.0
HIGHCVE-2016-6180
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges ... Read more
- EPSS Score: %0.05
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
8.8
HIGHCVE-2016-5422
The web console in Red Hat JBoss Operations Network (JON) before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admin privileges via a crafted POST request.... Read more
Affected Products : jboss_operations_network- EPSS Score: %0.68
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
9.8
CRITICALCVE-2016-5022
F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager +12 more products- EPSS Score: %1.30
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
4.4
MEDIUMCVE-2016-1242
file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.... Read more
- EPSS Score: %0.21
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
5.3
MEDIUMCVE-2016-1241
Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allow remote authenticated users to discover user password hashes via unspecified vectors.... Read more
- EPSS Score: %0.24
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
8.8
HIGHCVE-2016-7034
The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly handle CSRF tokens generated during an active session and includes them in query strings, which makes easier for remote attackers to (1) bypass CSRF protection mechanisms or (2) conduct cr... Read more
Affected Products : jboss_bpm_suite- EPSS Score: %0.04
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
6.1
MEDIUMCVE-2016-7033
Multiple cross-site scripting (XSS) vulnerabilities in the admin pages in dashbuilder in Red Hat JBoss BPM Suite 6.3.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : jboss_bpm_suite- EPSS Score: %0.35
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2016-6855
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF... Read more
- EPSS Score: %2.55
- Published: Sep. 07, 2016
- Modified: Apr. 12, 2025