Total
2377 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4874 | 1 Cybozu | 1 Office | 2017-04-20 | 3.5 LOW | 3.5 LOW |
| Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct a "reflected file download" attack. | |||||
| CVE-2016-6143 | 1 Sap | 1 Hana | 2017-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806. | |||||
| CVE-2016-1178 | 1 Appleple | 1 A-blog Cms | 2017-04-20 | 6.4 MEDIUM | 6.5 MEDIUM |
| The session management of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to obtain or modify sensitive data via unspecified vectors. | |||||
| CVE-2015-8284 | 1 Seawell Networks | 1 Spectrum Sdc | 2017-04-19 | 6.5 MEDIUM | 8.8 HIGH |
| SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions. | |||||
| CVE-2016-6605 | 1 Cloudera | 1 Cdh | 2017-04-14 | 5.0 MEDIUM | 7.5 HIGH |
| Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization. | |||||
| CVE-2016-5058 | 1 Osram | 1 Lightify Pro | 2017-04-14 | 5.0 MEDIUM | 7.5 HIGH |
| OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay. | |||||
| CVE-2016-5054 | 1 Osram | 1 Lightify Home | 2017-04-14 | 5.0 MEDIUM | 7.5 HIGH |
| OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay. | |||||
| CVE-2015-8275 | 1 Eparaksts | 2 Edoc-libraries, Eparakstitajs 3 | 2017-04-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to write to arbitrary files via crafted EDOC files. | |||||
| CVE-2014-3930 | 1 Lg Project | 1 Lg | 2017-04-11 | 5.0 MEDIUM | 7.5 HIGH |
| lg.pl in Cistron-LG 1.01 stores sensitive information under the web root with insufficient access controls, which allows remote attackers to obtain IP addresses and other unspecified router credentials. | |||||
| CVE-2014-3929 | 1 Lg Project | 1 Lg | 2017-04-11 | 5.0 MEDIUM | 7.5 HIGH |
| The default configuration for Cougar-LG stores sensitive information under the web root with insufficient access control, which might allow remote attackers to obtain private ssh keys. | |||||
| CVE-2014-3928 | 1 Lg Project | 1 Lg | 2017-04-11 | 5.0 MEDIUM | 9.8 CRITICAL |
| Cougar-LG stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials. | |||||
| CVE-2014-4707 | 1 Huawei | 6 Campus S7700, Campus S7700 Firmware, Campus S9300 and 3 more | 2017-04-06 | 7.5 HIGH | 8.8 HIGH |
| Huawei Campus S7700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300 allow unauthorized users to upgrade the bootrom or bootload software, bypass a Menu protection mechanism, conduct a Menu compromise attack, or bypass a Menu/upgrade protection mechanism. | |||||
| CVE-2016-8794 | 1 Huawei | 6 Mate 8, Mate 8 Firmware, Mate S and 3 more | 2017-04-05 | 6.2 MEDIUM | 7.1 HIGH |
| Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege. | |||||
| CVE-2016-8792 | 1 Huawei | 6 Mate 8, Mate 8 Firmware, Mate S and 3 more | 2017-04-05 | 6.2 MEDIUM | 7.1 HIGH |
| Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege. | |||||
| CVE-2016-8791 | 1 Huawei | 6 Mate 8, Mate 8 Firmware, Mate S and 3 more | 2017-04-05 | 6.2 MEDIUM | 7.1 HIGH |
| Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege. | |||||
| CVE-2016-8273 | 1 Huawei | 1 Hisuite | 2017-04-05 | 6.9 MEDIUM | 7.8 HIGH |
| Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for upgrade software package download and does not check the integrity of the software package before installing; an attacker can launch an MITM attack to interrupt or replace the downloaded software package and further compromise the PC. | |||||
| CVE-2016-8793 | 1 Huawei | 6 Mate 8, Mate 8 Firmware, Mate S and 3 more | 2017-04-05 | 6.2 MEDIUM | 6.7 MEDIUM |
| Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege. | |||||
| CVE-2016-8274 | 1 Huawei | 1 Hisuite | 2017-04-05 | 7.2 HIGH | 7.8 HIGH |
| Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link library (DLL) hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code. | |||||
| CVE-2016-8798 | 1 Huawei | 2 Usg5500, Usg5500 Firmware | 2017-04-05 | 7.8 HIGH | 7.5 HIGH |
| Huawei USG5500 with software V300R001C00 and V300R001C00 allows attackers to bypass the anti-DDoS module of the USGs to cause a denial of service condition on the backend server. | |||||
| CVE-2016-6807 | 1 Apache | 1 Ambari | 2017-04-04 | 7.5 HIGH | 9.8 CRITICAL |
| Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process. | |||||