Total
2480 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1000352 | 2 Bouncycastle, Redhat | 4 Legion-of-the-bouncy-castle-java-crytography-api, Jboss Fuse, Satellite and 1 more | 2024-08-06 | N/A |
| In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider. | ||||
| CVE-2016-1000343 | 3 Bouncycastle, Debian, Redhat | 5 Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux, Jboss Fuse and 2 more | 2024-08-06 | N/A |
| In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly initialised with DSA parameters, 1.55 and earlier generates a private value assuming a 1024 bit key size. In earlier releases this can be dealt with by explicitly passing parameters to the key pair generator. | ||||
| CVE-2016-1000339 | 3 Bouncycastle, Debian, Redhat | 5 Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux, Jboss Fuse and 2 more | 2024-08-06 | N/A |
| In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak information on the AES key being used. There was also a leak in AESEngine although it was substantially less. AESEngine has been modified to remove any signs of leakage (testing carried out on Intel X86-64) and is now the primary AES class for the BC JCE provider from 1.56. Use of AESFastEngine is now only recommended where otherwise deemed appropriate. | ||||
| CVE-2016-10725 | 1 Bitcoin | 3 Bitcoin-qt, Bitcoin Core, Bitcoind | 2024-08-06 | N/A |
| In Bitcoin Core before v0.13.0, a non-final alert is able to block the special "final alert" (which is supposed to override all other alerts) because operations occur in the wrong order. This behavior occurs in the remote network alert system (deprecated since Q1 2016). This affects other uses of the codebase, such as Bitcoin Knots before v0.13.0.knots20160814 and many altcoins. | ||||
| CVE-2016-10692 | 1 Haxeshim Project | 1 Haxeshim | 2024-08-06 | N/A |
| haxeshim haxe shim to deal with coexisting versions. haxeshim downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | ||||
| CVE-2016-10583 | 1 Openlayers | 1 Closure-util | 2024-08-06 | 8.1 High |
| closure-utils is Utilities for Closure Library based projects. closure-utils downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | ||||
| CVE-2016-10376 | 1 Gajim | 1 Gajim | 2024-08-06 | N/A |
| Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions. | ||||
| CVE-2016-10137 | 1 Adups | 1 Adups Fota | 2024-08-06 | N/A |
| An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sysoper allows any app on the device to read, write, and delete files as the system user. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of android.uid.system which makes it execute as the system user, which is a very privileged user on the device. This allows a third-party app to read, write, and delete the user's sent and received text messages and call log. This allows a third-party app to obtain PII from the user without permission to do so. | ||||
| CVE-2016-10139 | 1 Adups | 1 Adups Fota | 2024-08-06 | N/A |
| An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The two package names involved in the exfiltration are com.adups.fota and com.adups.fota.sysoper. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of android.uid.system which makes it execute as the system user, which is a very privileged user on the device. Therefore, the app executing as the system user has been granted a number of powerful permissions even though they are not present in the com.adups.fota.sysoper app's AndroidManifest.xml file. This app provides the com.adups.fota app access to the user's call log, text messages, and various device identifiers through the com.adups.fota.sysoper.provider.InfoProvider component. The com.adups.fota app uses timestamps when it runs and is eligible to exfiltrate the user's PII every 72 hours. If 72 hours have passed since the value of the timestamp, then the exfiltration will be triggered by the user plugging in the device to charge or when they leave or enter a wireless network. The exfiltration occurs in the background without any user interaction. | ||||
| CVE-2016-10136 | 1 Adups | 1 Adups Fota | 2024-08-06 | N/A |
| An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sysoper allows any app on the device to read, write, and delete files as the system user. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of android.uid.system which makes it execute as the system user, which is a very privileged user on the device. This allows a third-party app to read, write, and delete files owned by the system user. The third-party app can modify the /data/system/users/0/settings_secure.xml file to add an app as a notification listener to be able to receive the text of notifications as they are received on the device. This also allows the /data/system/users/0/accounts.db to be read which contains authentication tokens for various accounts on the device. The third-party app can obtain privileged information and also modify files to obtain more privileges on the device. | ||||
| CVE-2016-10138 | 1 Adups | 1 Adups Fota | 2024-08-06 | N/A |
| An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of android.uid.system which makes it execute as the system user, which is a very privileged user on the device. The app has an exported broadcast receiver named com.adups.fota.sysoper.WriteCommandReceiver which any app on the device can interact with. Therefore, any app can send a command embedded in an intent which will be executed by the WriteCommandReceiver component which is executing as the system user. The third-party app, utilizing the WriteCommandReceiver, can perform the following actions: call a phone number, factory reset the device, take pictures of the screen, record the screen in a video, install applications, inject events, obtain the Android log, and others. In addition, the com.adups.fota.sysoper.TaskService component will make a request to a URL of http://rebootv5.adsunflower.com/ps/fetch.do where the commands in the String array with a key of sf in the JSON Object sent back by the server will be executed as the system user. Since the connection is made via HTTP, it is vulnerable to a MITM attack. | ||||
| CVE-2016-10099 | 1 Borg Project | 1 Borg | 2024-08-06 | N/A |
| Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives. | ||||
| CVE-2016-9847 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-08-06 | N/A |
| An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's blowfish_secret and potentially decrypt their cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected. | ||||
| CVE-2016-9346 | 1 Moxa | 6 Miineport E1, Miineport E1 Firmware, Miineport E2 and 3 more | 2024-08-06 | N/A |
| An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1. Configuration data are stored in a file that is not encrypted. | ||||
| CVE-2016-8889 | 1 Bitcoin Knots Project | 1 Bitcoin Knots | 2024-08-06 | N/A |
| In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 (fixed in v0.13.1.knots20161027), the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history. | ||||
| CVE-2016-8224 | 1 Lenovo | 57 Bios, Notebook 110 14ibr, Notebook 110 14ibr Bios and 54 more | 2024-08-06 | N/A |
| A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections. This could result in a denial of service or privilege escalation attack on the system. | ||||
| CVE-2016-7812 | 1 Mufg | 1 Mitsubishi Ufj | 2024-08-06 | N/A |
| The Bank of Tokyo-Mitsubishi UFJ, Ltd. App for Android ver5.3.1, ver5.2.2 and earlier allow a man-in-the-middle attacker to downgrade the communication between the app and the server from TLS v1.2 to SSL v3.0, which may result in the attacker to eavesdrop on an encrypted communication. | ||||
| CVE-2016-7585 | 1 Apple | 1 Mac Os X | 2024-08-06 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter. | ||||
| CVE-2016-7438 | 1 Wolfssl | 1 Wolfssl | 2024-08-06 | N/A |
| The C software implementation of ECC in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences. | ||||
| CVE-2016-7439 | 1 Wolfssl | 1 Wolfssl | 2024-08-06 | N/A |
| The C software implementation of RSA in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences. | ||||