The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2016-7054 | TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash. This issue is not considered to be exploitable beyond a DoS. | MEDIUM | Nov 10, 2016 | n/a |
CVE-2016-7055 | There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not used in operations with the private key itself and an input of the attacker\'s direct choice. Otherwise the bug can manifest itself as transient authentication and key negotiation failures or reproducible erroneous outcome of public-key operations with specially crafted input. Among EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation. Impact was not analyzed in detail, because pre-requisites for attack are considered unlikely. Namely multiple clients have to choose the curve in question and the server has to share the private key among them, neither of which is default behaviour. Even then only clients that chose the curve will be affected. | LOW | Nov 10, 2016 | openSSL-1.1.1.0 (VxWorks 7) |
CVE-2016-7426 | When ntpd is configured with rate limiting for all associations (restrict default limited in ntp.conf), the limits are applied also to responses received from its configured sources. An attacker who knows the sources (e.g., from an IPv4 refid in server response) and knows the system is (mis)configured in this way can periodically send packets with spoofed source address to keep the rate limiting activated and prevent ntpd from accepting valid responses from its sources. | MEDIUM | Nov 10, 2016 | ipnet_ntp-1.2.0.4 (VxWorks 7) |
CVE-2016-7427 | he broadcast mode of NTP is expected to only be used in a trusted network. If the broadcast network is accessible to an attacker, a potentially exploitable denial of service vulnerability in ntpd\'s broadcast mode replay prevention functionality can be abused. An attacker with access to the NTP broadcast domain can periodically inject specially crafted broadcast mode NTP packets into the broadcast domain which, while being logged by ntpd, can cause ntpd to reject broadcast mode packets from legitimate NTP broadcast servers. | LOW | Nov 10, 2016 | ipnet_ntp-1.2.0.4 (VxWorks 7) |
CVE-2016-7428 | The broadcast mode of NTP is expected to only be used in a trusted network. If the broadcast network is accessible to an attacker, a potentially exploitable denial of service vulnerability in ntpd\'s broadcast mode poll interval enforcement functionality can be abused. To limit abuse, ntpd restricts the rate at which each broadcast association will process incoming packets. ntpd will reject broadcast mode packets that arrive before the poll interval specified in the preceding broadcast packet expires. An attacker with access to the NTP broadcast domain can send specially crafted broadcast mode NTP packets to the broadcast domain which, while being logged by ntpd, will cause ntpd to reject broadcast mode packets from legitimate NTP broadcast servers. | LOW | Nov 10, 2016 | ipnet_ntp-1.2.0.4 (VxWorks 7) |
CVE-2016-7429 | When ntpd receives a server response on a socket that corresponds to a different interface than was used for the request, the peer structure is updated to use the interface for new requests. If ntpd is running on a host with multiple interfaces in separate networks and the operating system doesn\'t check source address in received packets (e.g. rp_filter on Linux is set to 0), an attacker that knows the address of the source can send a packet with spoofed source address which will cause ntpd to select wrong interface for the source and prevent it from sending new requests until the list of interfaces is refreshed, which happens on routing changes or every 5 minutes by default. If the attack is repeated often enough (once per second), ntpd will not be able to synchronize with the source. | MEDIUM | Nov 10, 2016 | ipnet_ntp-1.2.0.4 (VxWorks 7) |
CVE-2016-7431 | Zero Origin timestamp problems were fixed by Bug 2945 in ntp-4.2.8p6. However, subsequent timestamp validation checks introduced a regression in the handling of some Zero origin timestamp checks. | MEDIUM | Nov 10, 2016 | ipnet_ntp-1.2.0.4 (VxWorks 7) |
CVE-2016-7433 | Bug 2085 described a condition where the root delay was included twice, causing the jitter value to be higher than expected. Due to a misinterpretation of a small-print variable in The Book, the fix for this problem was incorrect, resulting in a root distance that did not include the peer dispersion. The calculations and formulae have been reviewed and reconciled, and the code has been updated accordingly. | MEDIUM | Nov 10, 2016 | ipnet_ntp-1.2.0.4 (VxWorks 7) |
CVE-2016-7434 | If ntpd is configured to allow mrulist query requests from a server that sends a crafted malicious packet, ntpd will crash on receipt of that crafted malicious mrulist query packet. | MEDIUM | Nov 10, 2016 | ipnet_ntp-1.2.0.4 (VxWorks 7) |
CVE-2016-8645 | It was discovered that the Linux kernel, from at least v4.0 until v4.9-rc1, can hit BUG() statement in tcp_collapse() function after making a number of certain syscalls leading to a possible system crash. | MEDIUM | Nov 10, 2016 | n/a |
CVE-2016-9310 | An exploitable configuration modification vulnerability exists in the control mode (mode 6) functionality of ntpd. If, against long-standing BCP recommendations, \"restrict default noquery ?\" is not specified, a specially crafted control mode packet can set ntpd traps, providing information disclosure and DDoS amplification, and unset ntpd traps, disabling legitimate monitoring. A remote, unauthenticated, network attacker can trigger this vulnerability. | MEDIUM | Nov 10, 2016 | ipnet_ntp-1.2.0.4 (VxWorks 7) |
CVE-2016-9311 | If trap service, disabled by default, has been explicitly enabled, an attacker can send a specially crafted packet to cause a null pointer dereference that will crash ntpd, resulting in a denial of service. | HIGH | Nov 10, 2016 | ipnet_ntp-1.2.0.4 (VxWorks 7) |
CVE-2016-9312 | If a vulnerable instance of ntpd on Windows receives a crafted malicious packet that is \"too big\", ntpd will stop working. | MEDIUM | Nov 10, 2016 | n/a |
CVE-2016-0026 | The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka Windows Common Log File System Driver Elevation of Privilege Vulnerability, a different vulnerability than CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-3161 | For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.<a href=http://cwe.mitre.org/data/definitions/428.html>CWE-428: Unquoted Search Path or Element</a> | HIGH | Nov 10, 2016 | n/a |
CVE-2016-3332 | The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka Windows Common Log File System Driver Elevation of Privilege Vulnerability, a different vulnerability than CVE-2016-0026, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-3333 | The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka Windows Common Log File System Driver Elevation of Privilege Vulnerability, a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-3334 | The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka Windows Common Log File System Driver Elevation of Privilege Vulnerability, a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-3335 | The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka Windows Common Log File System Driver Elevation of Privilege Vulnerability, a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-3338 | The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka Windows Common Log File System Driver Elevation of Privilege Vulnerability, a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-3340 | The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka Windows Common Log File System Driver Elevation of Privilege Vulnerability, a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-3342 | The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka Windows Common Log File System Driver Elevation of Privilege Vulnerability, a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3343, and CVE-2016-7184. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-3343 | The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka Windows Common Log File System Driver Elevation of Privilege Vulnerability, a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, and CVE-2016-7184. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-4095 | Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-4959 | For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-4960 | For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege. | MEDIUM | Nov 10, 2016 | n/a |
CVE-2016-4961 | For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers. | MEDIUM | Nov 10, 2016 | n/a |
CVE-2016-5025 | For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers. | MEDIUM | Nov 10, 2016 | n/a |
CVE-2016-5852 | For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.<a href=http://cwe.mitre.org/data/definitions/428.html>CWE-428: Unquoted Search Path or Element</a> | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7146 | MoinMoin 1.9.8 allows remote attackers to conduct JavaScript injection attacks by using the page creation or crafted URL approach, related to a Cross Site Scripting (XSS) issue affecting the action=fckdialog&dialog=attachment (via page name) component. | MEDIUM | Nov 10, 2016 | n/a |
CVE-2016-7148 | MoinMoin 1.9.8 allows remote attackers to conduct JavaScript injection attacks by using the page creation approach, related to a Cross Site Scripting (XSS) issue affecting the action=AttachFile (via page name) component. | MEDIUM | Nov 10, 2016 | n/a |
CVE-2016-7184 | The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka Windows Common Log File System Driver Elevation of Privilege Vulnerability, a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, and CVE-2016-3343. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7195 | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka Microsoft Browser Memory Corruption Vulnerability, a different vulnerability than CVE-2016-7198. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7196 | Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka Microsoft Browser Memory Corruption Vulnerability. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7198 | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka Microsoft Browser Memory Corruption Vulnerability, a different vulnerability than CVE-2016-7195. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7199 | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka Microsoft Browser Information Disclosure Vulnerability. | LOW | Nov 10, 2016 | n/a |
CVE-2016-7200 | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka Scripting Engine Memory Corruption Vulnerability, a different vulnerability than CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7201 | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka Scripting Engine Memory Corruption Vulnerability, a different vulnerability than CVE-2016-7200, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7202 | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka Scripting Engine Memory Corruption Vulnerability, a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7203 | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka Scripting Engine Memory Corruption Vulnerability, a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7204 | Microsoft Edge allows remote attackers to access arbitrary My Documents files via a crafted web site, aka Microsoft Edge Information Disclosure Vulnerability. | LOW | Nov 10, 2016 | n/a |
CVE-2016-7205 | Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka Windows Animation Manager Memory Corruption Vulnerability. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7208 | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka Scripting Engine Memory Corruption Vulnerability, a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7209 | Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka Microsoft Edge Spoofing Vulnerability. | LOW | Nov 10, 2016 | n/a |
CVE-2016-7210 | atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted Open Type font on a web site, aka Open Type Font Information Disclosure Vulnerability. | MEDIUM | Nov 10, 2016 | n/a |
CVE-2016-7212 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow remote attackers to execute arbitrary code via a crafted image file, aka Windows Remote Code Execution Vulnerability. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7213 | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka Microsoft Office Memory Corruption Vulnerability. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7214 | The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to bypass the ASLR protection mechanism via a crafted application, aka Win32k Information Disclosure Vulnerability. | LOW | Nov 10, 2016 | n/a |
CVE-2016-7215 | The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka Win32k Elevation of Privilege Vulnerability. | HIGH | Nov 10, 2016 | n/a |
CVE-2016-7216 | The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandles permissions, which allows local users to gain privileges via a crafted application, aka Windows Kernel Elevation of Privilege Vulnerability. | LOW | Nov 10, 2016 | n/a |