Lista CVE - 2016 / Ottobre
Visualizzazione 201 - 300 di 687 CVE per Ottobre 2016 (Pagina 3 di 7)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2016-6673 | 2016-10-10 | The NVIDIA camera driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 30204201. |
| CVE-2016-6674 | 2016-10-10 | system_server in Android before 2016-10-05 on Nexus devices allows attackers to gain privileges via a crafted application, aka internal bug 30445380. |
| CVE-2016-6675 | 2016-10-10 | Off-by-one error in CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of... |
| CVE-2016-6676 | 2016-10-10 | Off-by-one error in CORE/HDD/src/wlan_hdd_cfg.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of... |
| CVE-2016-6677 | 2016-10-10 | The NVIDIA GPU driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30259955. |
| CVE-2016-6678 | 2016-10-10 | The Motorola USBNet driver in Android before 2016-10-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 29914434. |
| CVE-2016-6679 | 2016-10-10 | CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes a... |
| CVE-2016-6680 | 2016-10-10 | CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes an... |
| CVE-2016-6681 | 2016-10-10 | drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain... |
| CVE-2016-6682 | 2016-10-10 | drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain... |
| CVE-2016-6683 | 2016-10-10 | The kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30143283. |
| CVE-2016-6684 | 2016-10-10 | The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Android One devices allows attackers to obtain sensitive information via... |
| CVE-2016-6685 | 2016-10-10 | The kernel in Android before 2016-10-05 on Nexus 6P devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30402628. |
| CVE-2016-6686 | 2016-10-10 | The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30163101. |
| CVE-2016-6687 | 2016-10-10 | The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30162222. |
| CVE-2016-6688 | 2016-10-10 | The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30593080. |
| CVE-2016-6689 | 2016-10-10 | Binder in the kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30768347. |
| CVE-2016-6690 | 2016-10-10 | The sound driver in the kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Nexus Player devices allows attackers to cause a denial of... |
| CVE-2016-6691 | 2016-10-10 | service/jni/com_android_server_wifi_Gbk2Utf.cpp in the Qualcomm Wi-Fi gbk2utf module in Android before 2016-10-05 allows remote attackers to cause a denial of service (framework crash) or possibly have unspecified other impact via an... |
| CVE-2016-6692 | 2016-10-10 | drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via unknown vectors,... |
| CVE-2016-6693 | 2016-10-10 | sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via an invalid data length, aka... |
| CVE-2016-6694 | 2016-10-10 | sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via crafted parameter data, aka Qualcomm... |
| CVE-2016-6695 | 2016-10-10 | sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted visualizer data length,... |
| CVE-2016-6696 | 2016-10-10 | sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for... |
| CVE-2016-7117 | 2016-10-10 | Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is... |
| CVE-2016-5348 | 2016-10-10 | The GPS component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows man-in-the-middle attackers to cause a denial of service... |
| CVE-2016-5325 | 2016-10-10 | CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 allows remote attackers to inject arbitrary HTTP headers... |
| CVE-2016-7099 | 2016-10-10 | The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which... |
| CVE-2016-7423 | 2016-10-10 | The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulator), when built with LSI SAS1068 Host Bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write... |
| CVE-2016-8100 | 2016-10-10 | Intel Integrated Performance Primitives (aka IPP) Cryptography before 9.0.4 makes it easier for local users to discover RSA private keys via a side-channel attack. |
| CVE-2016-8101 | 2016-10-10 | The updater subsystem in Intel SSD Toolbox before 3.3.7 allows local users to gain privileges via unspecified vectors. |
| CVE-2016-1000126 | 2016-10-10 | Reflected XSS in wordpress plugin admin-font-editor v1.8 |
| CVE-2016-1000127 | 2016-10-10 | Reflected XSS in wordpress plugin ajax-random-post v2.00 |
| CVE-2016-1000128 | 2016-10-10 | Reflected XSS in wordpress plugin anti-plagiarism v3.60 |
| CVE-2016-1000129 | 2016-10-10 | Reflected XSS in wordpress plugin defa-online-image-protector v3.3 |
| CVE-2016-1000130 | 2016-10-10 | Reflected XSS in wordpress plugin e-search v1.0 |
| CVE-2016-1000131 | 2016-10-10 | Reflected XSS in wordpress plugin e-search v1.0 |
| CVE-2016-1000132 | 2016-10-10 | Reflected XSS in wordpress plugin enhanced-tooltipglossary v3.2.8 |
| CVE-2016-1000133 | 2016-10-10 | Reflected XSS in wordpress plugin forget-about-shortcode-buttons v1.1.1 |
| CVE-2016-1000134 | 2016-10-10 | Reflected XSS in wordpress plugin hdw-tube v1.2 |
| CVE-2016-1000135 | 2016-10-10 | Reflected XSS in wordpress plugin hdw-tube v1.2 |
| CVE-2016-1000136 | 2016-10-10 | Reflected XSS in wordpress plugin heat-trackr v1.0 |
| CVE-2016-1000137 | 2016-10-10 | Reflected XSS in wordpress plugin hero-maps-pro v2.1.0 |
| CVE-2016-1000138 | 2016-10-10 | Reflected XSS in wordpress plugin indexisto v1.0.5 |
| CVE-2016-1000139 | 2016-10-10 | Reflected XSS in wordpress plugin infusionsoft v1.5.11 |
| CVE-2016-1000140 | 2016-10-10 | Reflected XSS in wordpress plugin new-year-firework v1.1.9 |
| CVE-2016-1000141 | 2016-10-10 | Reflected XSS in wordpress plugin page-layout-builder v1.9.3 |
| CVE-2016-1000142 | 2016-10-10 | Reflected XSS in wordpress plugin parsi-font v4.2.5 |
| CVE-2016-1000143 | 2016-10-10 | Reflected XSS in wordpress plugin photoxhibit v2.1.8 |
| CVE-2016-1000144 | 2016-10-10 | Reflected XSS in wordpress plugin photoxhibit v2.1.8 |
| CVE-2016-1000145 | 2016-10-10 | Reflected XSS in wordpress plugin pondol-carousel v1.0 |
| CVE-2016-1000146 | 2016-10-10 | Reflected XSS in wordpress plugin pondol-formmail v1.1 |
| CVE-2016-1000147 | 2016-10-10 | Reflected XSS in wordpress plugin recipes-writer v1.0.4 |
| CVE-2016-1000148 | 2016-10-10 | Reflected XSS in wordpress plugin s3-video v0.983 |
| CVE-2016-1000149 | 2016-10-10 | Reflected XSS in wordpress plugin simpel-reserveren v3.5.2 |
| CVE-2016-1000150 | 2016-10-10 | Reflected XSS in wordpress plugin simplified-content v1.0.0 |
| CVE-2016-1000151 | 2016-10-10 | Reflected XSS in wordpress plugin tera-charts v1.0 |
| CVE-2016-1000152 | 2016-10-10 | Reflected XSS in wordpress plugin tidio-form v1.0 |
| CVE-2016-1000153 | 2016-10-10 | Reflected XSS in wordpress plugin tidio-gallery v1.1 |
| CVE-2016-1000154 | 2016-10-10 | Reflected XSS in wordpress plugin whizz v1.0.7 |
| CVE-2016-1000155 | 2016-10-10 | Reflected XSS in wordpress plugin wpsolr-search-engine v7.6 |
| CVE-2016-1000216 | 2016-10-10 | Ruckus Wireless H500 web management interface authenticated command injection |
| CVE-2016-7959 | 2016-10-13 | Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging... |
| CVE-2016-7960 | 2016-10-13 | Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive... |
| CVE-2016-8563 | 2016-10-13 | Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to cause a denial of service (ALM service outage) via crafted packets to TCP port 4410. |
| CVE-2016-8564 | 2016-10-13 | SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410. |
| CVE-2016-8565 | 2016-10-13 | Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote attackers to write to files, rename files, create directories, or delete directories via crafted packets. |
| CVE-2016-3635 | 2016-10-13 | SAP Netweaver 7.4 allows remote authenticated users to bypass an intended Unified Connectivity (UCON) access control list and execute arbitrary Remote Function Modules (RFM) by leveraging a connection created from... |
| CVE-2016-3638 | 2016-10-13 | SAP SLD Registration Program (aka SLDREG) allows local users to cause a denial of service (memory corruption and process termination) via a crafted HOST parameter, aka SAP Security Note 2125623. |
| CVE-2016-3946 | 2016-10-13 | SAP Console (aka SAPConsole) 7.30 allows local users to discover SAP Server login credentials by reading the Windows registry, aka SAP Security Note 2121461. |
| CVE-2016-4407 | 2016-10-13 | The DSA algorithm implementation in SAP SAPCRYPTOLIB 5.555.38 does not properly check signatures, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors, aka SAP Security Note 2223008. |
| CVE-2016-5425 | 2016-10-13 | The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain... |
| CVE-2016-6325 | 2016-10-13 | The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which... |
| CVE-2016-7065 | 2016-10-13 | The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via... |
| CVE-2016-7437 | 2016-10-13 | SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute... |
| CVE-2016-7795 | 2016-10-13 | The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a... |
| CVE-2016-7796 | 2016-10-13 | The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to... |
| CVE-2016-1089 | 2016-10-13 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS... |
| CVE-2016-1091 | 2016-10-13 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS... |
| CVE-2016-4273 | 2016-10-13 | Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a... |
| CVE-2016-4286 | 2016-10-13 | Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified... |
| CVE-2016-6935 | 2016-10-13 | Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.8.0.310 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE%... |
| CVE-2016-6939 | 2016-10-13 | Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and... |
| CVE-2016-6940 | 2016-10-13 | Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers... |
| CVE-2016-6941 | 2016-10-13 | Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers... |
| CVE-2016-6942 | 2016-10-13 | Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers... |
| CVE-2016-6943 | 2016-10-13 | Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers... |
| CVE-2016-6944 | 2016-10-13 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS... |
| CVE-2016-6945 | 2016-10-13 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS... |
| CVE-2016-6946 | 2016-10-13 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS... |
| CVE-2016-6947 | 2016-10-13 | Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers... |
| CVE-2016-6948 | 2016-10-13 | Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers... |
| CVE-2016-6949 | 2016-10-13 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS... |
| CVE-2016-6950 | 2016-10-13 | Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers... |
| CVE-2016-6951 | 2016-10-13 | Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers... |
| CVE-2016-6952 | 2016-10-13 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS... |
| CVE-2016-6953 | 2016-10-13 | Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS... |
| CVE-2016-6954 | 2016-10-13 | Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers... |
| CVE-2016-6955 | 2016-10-13 | Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers... |
| CVE-2016-6956 | 2016-10-13 | Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers... |