Vulnerabilities (CVE)

Total 15866 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-1343 1 Cisco 1 Information Server 2016-05-04 6.4 MEDIUM 10.0 CRITICAL
The XML parser in Cisco Information Server (CIS) 6.2 allows remote attackers to read arbitrary files or cause a denial of service (CPU and memory consumption) via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCuy39059.
CVE-2016-2416 1 Google 1 Android 2016-04-25 10.0 HIGH 9.8 CRITICAL
libs/gui/BufferQueueConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for the android.permission.DUMP permission, which allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via a dump request, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27046057.
CVE-2016-2419 1 Google 1 Android 2016-04-25 10.0 HIGH 9.8 CRITICAL
media/libmedia/IDrm.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize a certain key-request data structure, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26323455.
CVE-2016-0841 1 Google 1 Android 2016-04-20 10.0 HIGH 9.8 CRITICAL
media/libmedia/mediametadataretriever.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mishandles cleared service binders, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 26040840.
CVE-2016-0837 1 Google 1 Android 2016-04-20 10.0 HIGH 9.8 CRITICAL
MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted media file, aka internal bug 27208621.
CVE-2016-0839 1 Google 1 Android 2016-04-20 10.0 HIGH 9.8 CRITICAL
post_proc/volume_listener.c in mediaserver in Android 6.x before 2016-04-01 mishandles deleted effect context, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25753245.
CVE-2016-0838 1 Google 1 Android 2016-04-20 10.0 HIGH 9.8 CRITICAL
Sonivox in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for a negative number of samples, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to arm-wt-22k/lib_src/eas_wtengine.c and arm-wt-22k/lib_src/eas_wtsynth.c, aka internal bug 26366256.
CVE-2016-0835 1 Google 1 Android 2016-04-20 10.0 HIGH 9.8 CRITICAL
decoder/impeg2d_dec_hdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a certain negative value, aka internal bug 26070014.
CVE-2016-2418 1 Google 1 Android 2016-04-20 10.0 HIGH 9.8 CRITICAL
media/libmedia/IOMX.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize certain metadata buffer pointers, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26324358.
CVE-2016-0733 1 Apache 1 Ranger 2016-04-19 7.5 HIGH 9.8 CRITICAL
The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid username.
CVE-2015-8841 1 Eset 1 Nod32 2016-04-18 10.0 HIGH 9.8 CRITICAL
Heap-based buffer overflow in the Archive support module in ESET NOD32 before update 11861 allows remote attackers to execute arbitrary code via a large number of languages in an EPOC installation file of type SIS_FILE_MULTILANG.
CVE-2016-3065 1 Postgresql 1 Postgresql 2016-04-14 8.5 HIGH 9.1 CRITICAL
The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page.
CVE-2016-3154 1 Spip 1 Spip 2016-04-14 7.5 HIGH 9.8 CRITICAL
The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object.
CVE-2016-3153 2 Debian, Spip 2 Debian Linux, Spip 2016-04-14 7.5 HIGH 9.8 CRITICAL
SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to execute arbitrary PHP code by adding content, related to the filtrer_entites function.
CVE-2016-2343 1 Patterson Dental 1 Eaglesoft 2016-04-04 10.0 HIGH 9.8 CRITICAL
Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remote attackers to obtain sensitive Dental.DB patient information via SQL statements.
CVE-2016-2245 1 Hp 1 Support Assistant 2016-03-22 10.0 HIGH 9.8 CRITICAL
HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors.
CVE-2016-0804 1 Google 1 Android 2016-03-14 10.0 HIGH 9.8 CRITICAL
The NuPlayer::GenericSource::notifyPreparedAndCleanup function in media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 improperly manages mDrmManagerClient objects, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25070434.
CVE-2015-7261 1 Qnap 2 Iartist Lite, Signage Station 2016-03-11 7.5 HIGH 9.8 CRITICAL
The FTP service in QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, has hardcoded credentials, which makes it easier for remote attackers to obtain access via a session on TCP port 21.
CVE-2016-2275 1 Advantech 4 Vesp211-232, Vesp211-232 Firmware, Vesp211-eu and 1 more 2016-03-10 10.0 HIGH 9.8 CRITICAL
The web interface on Advantech/B+B SmartWorx VESP211-EU devices with firmware 1.7.2 and VESP211-232 devices with firmware 1.5.1 and 1.7.2 relies on the client to implement access control, which allows remote attackers to perform administrative actions via modified JavaScript code.
CVE-2016-2231 1 Huawei 2 Mt882, Mt882 Firmware 2016-03-10 9.0 HIGH 9.8 CRITICAL
The Windows-based Host Interface Program (WHIP) service on Huawei SmartAX MT882 devices V200R002B022 Arg relies on the client to send a length field that is consistent with a buffer size, which allows remote attackers to cause a denial of service (device outage) or possibly have unspecified other impact via crafted traffic on TCP port 8701.