Vulnerabilities (CVE)

Filtered by CWE-254
Total 407 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-2115 2 Canonical, Samba 2 Ubuntu Linux, Samba 2025-04-12 4.3 MEDIUM 5.9 MEDIUM
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.
CVE-2015-8338 1 Xen 1 Xen 2025-04-12 7.2 HIGH N/A
Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS administrators to cause a denial of service (CPU consumption, guest reboot, or watchdog timeout and host reboot) and possibly have unspecified other impact via unknown vectors.
CVE-2016-3085 1 Apache 1 Cloudstack 2025-04-12 5.8 MEDIUM 6.5 MEDIUM
Apache CloudStack 4.5.x before 4.5.2.1, 4.6.x before 4.6.2.1, 4.7.x before 4.7.1.1, and 4.8.x before 4.8.0.1, when SAML-based authentication is enabled and used, allow remote attackers to bypass authentication and access the user interface via vectors related to the SAML plugin.
CVE-2015-1793 2 Openssl, Oracle 4 Openssl, Jd Edwards Enterpriseone Tools, Opus 10g Ethernet Switch Family and 1 more 2025-04-12 6.4 MEDIUM 6.5 MEDIUM
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid leaf certificate.
CVE-2016-5525 1 Oracle 1 Solaris Cluster 2025-04-12 2.1 LOW 3.3 LOW
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect integrity via vectors related to Cluster check files.
CVE-2016-1927 1 Phpmyadmin 1 Phpmyadmin 2025-04-12 5.0 MEDIUM 7.5 HIGH
The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach.
CVE-2016-6493 1 Citrix 2 Xenapp, Xendesktop 2025-04-12 7.5 HIGH 9.8 CRITICAL
Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via vectors related to memory permission.
CVE-2015-5306 1 Openstack 1 Ironic Inspector 2025-04-12 6.8 MEDIUM N/A
OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error.
CVE-2016-1567 1 Tuxfamily 1 Chrony 2025-04-12 6.8 MEDIUM 8.1 HIGH
chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
CVE-2015-7863 1 Accelerite 1 Radia Client Automation 2025-04-12 5.0 MEDIUM N/A
The default configuration of Persistent Accelerite Radia Client Automation (formerly HP Client Automation) 7.9 through 9.1 before 2015-02-19 enables a remote Notify capability without the Extended Notify Security features, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-2016-9861 1 Phpmyadmin 1 Phpmyadmin 2025-04-12 5.0 MEDIUM 7.5 HIGH
An issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to bypass the URL white-list protection. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
CVE-2016-1489 1 Lenovo 1 Shareit 2025-04-12 4.3 MEDIUM 8.0 HIGH
Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors.
CVE-2016-0828 1 Google 1 Android 2025-04-12 5.0 MEDIUM 7.5 HIGH
The BnGraphicBufferConsumer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not initialize a certain slot variable, which allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an ATTACH_BUFFER action, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26338113.
CVE-2016-4741 1 Apple 1 Iphone Os 2025-04-12 4.3 MEDIUM 5.9 MEDIUM
The Assets component in Apple iOS before 10 allows man-in-the-middle attackers to block software updates via vectors related to lack of an HTTPS session for retrieving updates.
CVE-2016-6340 1 Redhat 2 Enterprise Linux, Quickstart Cloud Installer 2025-04-12 2.1 LOW 8.4 HIGH
The kickstart file in Red Hat QuickStart Cloud Installer (QCI) forces use of MD5 passwords on deployed systems, which makes it easier for attackers to determine cleartext passwords via a brute-force attack.
CVE-2015-7185 2 Google, Mozilla 2 Android, Firefox 2025-04-12 4.3 MEDIUM N/A
Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code.
CVE-2015-0005 1 Microsoft 3 Windows 2003 Server, Windows Server 2008, Windows Server 2012 2025-04-12 4.3 MEDIUM N/A
The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, aka "NETLOGON Spoofing Vulnerability."
CVE-2016-6639 2 Cloudfoundry, Pivotal 2 Php-buildpack, Cloud Foundry Elastic Runtime 2025-04-12 5.0 MEDIUM 7.5 HIGH
Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and other products, place the .profile file in the htdocs directory, which might allow remote attackers to obtain sensitive information via an HTTP GET request for this file.
CVE-2016-0907 1 Emc 2 Isilon Onefs, Isilonsd Edge Onefs 2025-04-12 4.3 MEDIUM 5.9 MEDIUM
EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0.1, and IsilonSD Edge OneFS 8.0.x before 8.0.0.1, does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream, a similar issue to CVE-2016-2115.
CVE-2016-6626 1 Phpmyadmin 1 Phpmyadmin 2025-04-12 5.8 MEDIUM 5.4 MEDIUM
An issue was discovered in phpMyAdmin. An attacker could redirect a user to a malicious web page. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.