Skip to main content
CVE-2016-4802 HIGH This Week

Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Curl
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2016-5723 HIGH This Week

Huawei FusionInsight HD before V100R002C60SPC200 allows local users to gain root privileges via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Huawei Fusioninsight Hd
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-5722 HIGH This Week

Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Huawei Ocean Stor Firmware
NVD
CVSS 3.0
7.3
EPSS
0.2%
CVE-2016-5435 MEDIUM This Month

Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Huawei Huawei Firmware
NVD
CVSS 3.0
5.9
EPSS
0.1%
CVE-2016-5021 MEDIUM This Month

The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Big Iq Application Delivery Controller Big Iq Cloud And Orchestration Big Ip Application Acceleration Manager Big Ip Access Policy Manager +12
NVD
CVSS 3.0
4.9
EPSS
0.2%
CVE-2016-5709 MEDIUM This Month

SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Virtualization Manager
NVD
CVSS 3.0
4.7
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy