Open Bugtraq


2017-02-24


The latest CVEs

2017-02-22
CVE-2016-9682 DELL Sonicwall secure remote access...
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI (/cgi-bin/diagnostics) component responsible for emailing out information about the state of the system. The application doesn't proper...

CVE-2016-9683 DELL Sonicwall secure remote access...
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI (/cgi-bin/extensionsettings) component responsible for handling some of the server's internal configurations. The CGI application doe...

CVE-2016-9684 DELL Sonicwall secure remote access...
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'viewcert' CGI (/cgi-bin/viewcert) component responsible for processing SSL certificate information. The CGI application doesn't properly escape the informat...

CVE-2016-8636 Linux Linux kernel
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read request involving the "RDMA protocol over infinib...

CVE-2016-9377 XEN XEN
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging IDT entry miscalculation.

CVE-2016-9378 XEN XEN
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging an incorrect choice for software interrupt delivery.

CVE-2016-9384 XEN XEN
Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table.

CVE-2016-9909 Html5lib Html5lib
The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of the < (less than) character in attribute values.

CVE-2016-9910 Html5lib Html5lib
The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909.

CVE-2016-3013 IBM Websphere mq
IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661.


Dorks


2017-02-24

Copyright 2017, cxsecurity.com