Total
10626 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-0901 | 4 Canonical, Debian, Redhat and 1 more | 9 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 6 more | 2019-10-09 | 6.4 MEDIUM | 7.5 HIGH |
| RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem. | |||||
| CVE-2016-9749 | 1 Ibm | 1 Campaign | 2019-10-09 | 2.1 LOW | 3.3 LOW |
| IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation. IBM X-Force ID: 120206. | |||||
| CVE-2016-9494 | 1 Hughes | 8 Dw7000, Dw7000 Firmware, Hn7000s and 5 more | 2019-10-09 | 3.3 LOW | 6.5 MEDIUM |
| Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may lead to a denial of service. | |||||
| CVE-2016-7074 | 2 Debian, Powerdns | 3 Debian Linux, Authoritative, Recursor | 2019-10-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record is the last one, leading to the possibility of parsing records that are not covered by the TSIG signature. | |||||
| CVE-2016-7073 | 2 Debian, Powerdns | 3 Debian Linux, Authoritative, Recursor | 2019-10-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and fudge values was found in AXFRRetriever, leading to a possible replay attack. | |||||
| CVE-2016-7072 | 2 Debian, Powerdns | 2 Debian Linux, Authoritative | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been found in PowerDNS Authoritative Server before 3.4.11 and 4.0.2 allowing a remote, unauthenticated attacker to cause a denial of service by opening a large number of TCP connections to the web server. If the web server runs out of file descriptors, it triggers an exception and terminates the whole PowerDNS process. While it's more complicated for an unauthorized attacker to make the web server run out of file descriptors since its connection will be closed just after being accepted, it might still be possible. | |||||
| CVE-2016-7069 | 1 Powerdns | 1 Dnsdist | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT record that has to be removed before forwarding the response to the initial client. On a 32-bit system, the pointer arithmetic used when parsing the received response to remove that record might trigger an undefined behavior leading to a crash. | |||||
| CVE-2016-7068 | 2 Debian, Powerdns | 3 Debian Linux, Authoritative, Recursor | 2019-10-09 | 7.8 HIGH | 7.5 HIGH |
| An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 3.7.4 and 4.0.4, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending crafted DNS queries, which might result in a partial denial of service if the system becomes overloaded. This issue is based on the fact that the PowerDNS server parses all records present in a query regardless of whether they are needed or even legitimate. A specially crafted query containing a large number of records can be used to take advantage of that behaviour. | |||||
| CVE-2016-6567 | 1 Shdesigns | 1 Resident Download Manager | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| SHDesigns' Resident Download Manager provides firmware update capabilities for Rabbit 2000/3000 CPU boards, which according to the reporter may be used in some industrial control and embedded applications. The Resident Download Manager does not verify that the firmware is authentic before executing code and deploying the firmware to devices. A remote attacker with the ability to send UDP traffic to the device may be able to execute arbitrary code on the device. According to SHDesigns' website, the Resident Download Manager and other Rabbit Tools have been discontinued since June 2011. | |||||
| CVE-2016-6565 | 1 Imagely | 1 Nextgen Gallery | 2019-10-09 | 6.0 MEDIUM | 7.5 HIGH |
| The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some circumstances (dependent on server configuration). | |||||
| CVE-2016-6560 | 1 Illumos | 1 Illumos | 2019-10-09 | 7.8 HIGH | 8.6 HIGH |
| illumos osnet-incorporation bcopy() and bzero() implementations make signed instead of unsigned comparisons allowing a system crash. | |||||
| CVE-2016-6542 | 1 Ieasytec | 1 Itrackeasy | 2019-10-09 | 4.3 MEDIUM | 3.7 LOW |
| The iTrack device tracking ID number, also called "LosserID" in the web API, can be obtained by being in the range of an iTrack device. The tracker ID is the device's BLE MAC address. | |||||
| CVE-2016-1586 | 1 Oxide Project | 1 Oxide | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| A malicious webview could install long-lived unload handlers that re-use an incognito BrowserContext that is queued for destruction in versions of Oxide before 1.18.3. | |||||
| CVE-2016-10555 | 1 Jwt-simple Project | 1 Jwt-simple | 2019-10-09 | 4.0 MEDIUM | 6.5 MEDIUM |
| Since "algorithm" isn't enforced in jwt.decode()in jwt-simple 0.3.0 and earlier, a malicious user could choose what algorithm is sent sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants. | |||||
| CVE-2016-10544 | 1 Uws Project | 1 Uws | 2019-10-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| uws is a WebSocket server library. By sending a 256mb websocket message to a uws server instance with permessage-deflate enabled, there is a possibility used compression will shrink said 256mb down to less than 16mb of websocket payload which passes the length check of 16mb payload. This data will then inflate up to 256mb and crash the node process by exceeding V8's maximum string size. This affects uws >=0.10.0 <=0.10.8. | |||||
| CVE-2016-10543 | 1 Call Project | 1 Call | 2019-10-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| call is an HTTP router that is primarily used by the hapi framework. There exists a bug in call versions 2.0.1-3.0.1 that does not validate empty parameters, which could result in invalid input bypassing the route validation rules. | |||||
| CVE-2016-10542 | 1 Ws Project | 1 Ws | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| ws is a "simple to use, blazing fast and thoroughly tested websocket client, server and console for node.js, up-to-date against RFC-6455". By sending an overly long websocket payload to a `ws` server, it is possible to crash the node process. This affects ws 1.1.0 and earlier. | |||||
| CVE-2016-10540 | 1 Minimatch Project | 1 Minimatch | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript `RegExp` objects. The primary function, `minimatch(path, pattern)` in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the `pattern` parameter. | |||||
| CVE-2016-10539 | 1 Negotiator Project | 1 Negotiator | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for "Accept-Language", when parsed by negotiator 0.6.0 and earlier is vulnerable to Regular Expression Denial of Service via a specially crafted string. | |||||
| CVE-2016-10521 | 1 Jshamcrest Project | 1 Jshamcrest | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| jshamcrest is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in to the emailAddress validator. | |||||