Vulnerability Summary for the Week of April 11, 2016

Please Note:

• The vulnerabilities are cattegorized by their level of severity which is either High, Medium or Low.

• The CVE indentity number is the publicly known ID given to that particular vulnerability. Therefore you can search the status of that particular vulnerability using that ID.

• The CVSS (Common Vulnerability Scoring System) score is a standard scoring system used to determine the severity of the vulnerability.

High Severity Vulnerabilities The Primary Vendor --- Description Date CVSS The CVE Product Published Score Identity adobe -- flash_player Use-after-free vulnerability in Adobe Flash Player 2016-04-08 10.0 CVE-2016-1011 CONFIRM (link before 18.0.0.343 and 19.x through 21.x before is external) 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1013, CVE- 2016-1016, CVE-2016-1017, and CVE-2016-1031. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1012 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1020, CVE-2016-1021, CVE-2016- 1022, CVE-2016-1023, CVE-2016-1024, CVE- 2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033. adobe -- flash_player Use-after-free vulnerability in Adobe Flash Player 2016-04-08 10.0 CVE-2016-1013 CONFIRM (link before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before is external) 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE- 2016-1016, CVE-2016-1017, and CVE-2016-1031. adobe -- flash_player Untrusted search path vulnerability in Adobe 2016-04-08 7.2 CVE-2016-1014 CONFIRM (link Flash Player before 18.0.0.343 and 19.x through is external) 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory. adobe -- flash_player Use-after-free vulnerability in the Transform 2016-04-08 9.3 CVE-2016-1016 CONFIRM (link object implementation in Adobe Flash Player is external) before 18.0.0.343 and 19.x through 21.x before MISC (link is 21.0.0.213 on Windows and OS X and before external) 11.2.202.616 on Linux allows attackers to execute arbitrary code via a flash.geom.Matrix callback, a different vulnerability than CVE-2016- 1011, CVE-2016-1013, CVE-2016-1017, and CVE- 2016-1031. adobe -- flash_player Use-after-free vulnerability in the 2016-04-08 9.3 CVE-2016-1017 CONFIRM (link LoadVars.decode function in Adobe Flash Player is external) before 18.0.0.343 and 19.x through 21.x before MISC (link is 21.0.0.213 on Windows and OS X and before external) 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE- 2016-1013, CVE-2016-1016, and CVE-2016-1031. adobe -- flash_player Stack-based buffer overflow in Adobe Flash 2016-04-08 9.3 CVE-2016-1018 CONFIRM (link Player before 18.0.0.343 and 19.x through 21.x is external) before 21.0.0.213 on Windows and OS X and MISC (link is before 11.2.202.616 on Linux allows attackers to external) execute arbitrary code via crafted JPEG-XR data. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1020 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1021, CVE-2016- 1022, CVE-2016-1023, CVE-2016-1024, CVE- 2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1021 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016- 1022, CVE-2016-1023, CVE-2016-1024, CVE- 2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1022 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016- 1021, CVE-2016-1023, CVE-2016-1024, CVE- 2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1023 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016- 1021, CVE-2016-1022, CVE-2016-1024, CVE- 2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1024 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016- 1021, CVE-2016-1022, CVE-2016-1023, CVE- 2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1025 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016- 1021, CVE-2016-1022, CVE-2016-1023, CVE- 2016-1024, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1026 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016- 1021, CVE-2016-1022, CVE-2016-1023, CVE- 2016-1024, CVE-2016-1025, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1027 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016- 1021, CVE-2016-1022, CVE-2016-1023, CVE- 2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1028 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016- 1021, CVE-2016-1022, CVE-2016-1023, CVE- 2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1029 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016- 1021, CVE-2016-1022, CVE-2016-1023, CVE- 2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1032, and CVE-2016-1033. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1030 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecified vectors. adobe -- flash_player Use-after-free vulnerability in Adobe Flash Player 2016-04-08 10.0 CVE-2016-1031 CONFIRM (link before 18.0.0.343 and 19.x through 21.x before is external) 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE- 2016-1013, CVE-2016-1016, and CVE-2016-1017. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1032 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016- 1021, CVE-2016-1022, CVE-2016-1023, CVE- 2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1033. adobe -- flash_player Adobe Flash Player before 18.0.0.343 and 19.x 2016-04-08 10.0 CVE-2016-1033 CONFIRM (link through 21.x before 21.0.0.213 on Windows and is external) OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016- 1021, CVE-2016-1022, CVE-2016-1023, CVE- 2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1032. apache -- The CSV export in Apache LDAP Studio and 2016-04-11 9.3 CVE-2015-5349 CONFIRM apache_directory_studio Apache Directory Studio before 2.0.0-M10 does BUGTRAQ not properly escape field values, which might (link is external) allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet. apache -- struts Apache Struts 2.x before 2.3.28 allows remote 2016-04-12 10.0 CVE-2016-0785 SECTRACK attackers to execute arbitrary code via a "%{}" (link is external) sequence in a tag attribute, aka forced double CONFIRM OGNL evaluation. apache -- ofbiz Apache OFBiz 12.04.x before 12.04.06 and 2016-04-12 7.5 CVE-2016-2170 CONFIRM 13.07.x before 13.07.03 allow remote attackers CONFIRM to execute arbitrary commands via a crafted CONFIRM serialized Java object, related to the Apache CONFIRM CONFIRM Commons Collections library. BUGTRAQ (link is external) MISC (link is external) avast -- Heap-based buffer overflow in the Avast 2016-04-13 10.0 CVE-2015-8620 MISC (link is avast_free_antivirus virtualization driver (aswSnx.sys) in Avast external) Internet Security, Pro Antivirus, Premier, and SECTRACK Free Antivirus before 11.1.2253 allows local users (link is external) FULLDISC to gain privileges via a Unicode file path in an MISC (link is IOCTL request. external) claws-mail -- claws-mail Stack-based buffer overflow in the conv_euctojis 2016-04-11 7.5 CVE-2015-8708 MLIST (link is function in codeconv.c in Claws Mail 3.13.1 external) allows remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015- 8614. drupal -- drupal The System module in Drupal 6.x before 6.38 2016-04-12 8.5 CVE-2016-3168 CONFIRM and 7.x before 7.43 might allow remote attackers MLIST (link is to hijack the authentication of site external) administrators for requests that download and MLIST (link is external) run files with arbitrary JSON-encoded content, DEBIAN aka a "reflected file download vulnerability." git-scm -- git revision.c in git before 2.7.4 uses an incorrect 2016-04-08 10.0 CVE-2016-2315 CONFIRM (link integer data type, which allows remote attackers is external) to execute arbitrary code via a (1) long filename CONFIRM (link or (2) many nested trees, leading to a heap- is external) CONFIRM (link based buffer overflow. is external) SECTRACK (link is external) MLIST (link is external) SUSE SUSE SUSE SUSE git-scm -- git Integer overflow in Git before 2.7.4 allows 2016-04-08 10.0 CVE-2016-2324 CONFIRM (link remote attackers to execute arbitrary code via a is external) (1) long filename or (2) many nested trees, which CONFIRM (link triggers a heap-based buffer overflow. is external) MLIST (link is external) SUSE SUSE SUSE SUSE huawei -- p7_firmware Integer overflow in Huawei P7 phones with 2016-04-13 9.3 CVE-2015-8304 CONFIRM (link software before P7-L07 V100R001C01B606 is external) allows remote attackers to gain privileges via a crafted application with the system or camera permission. huawei -- Integer overflow in the graphics drivers in 2016-04-13 9.3 CVE-2016-1495 CONFIRM (link mate_s_firmware Huawei Mate S smartphones with software CRR- is external) TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, which triggers a heap- based buffer overflow. huawei -- p8_firmware The graphics driver in Huawei P8 smartphones 2016-04-13 7.1 CVE-2016-1496 CONFIRM (link with software GRA-TL00 before GRA- is external) TL00C01B230, GRA-CL00 before GRA- CL00C92B230, GRA-CL10 before GRA- CL10C92B230, GRA-UL00 before GRA- UL00C00B230, and GRA-UL10 before GRA- UL10C00B230 allows attackers to cause a denial of service (system crash) via a crafted application, aka a "semaphore deadlock issue." huawei -- Huawei Policy Center with software before 2016-04-12 9.0 CVE-2016-2405 CONFIRM (link policy_center_firmware V100R003C10SPC020 allows remote is external) authenticated users to gain privileges and cause a denial of service (system crash) via a crafted URL. huawei -- s5300_firmware Huawei Quidway S9700, S5700, S5300, S9300, 2016-04-11 7.8 CVE-2016-3678 CONFIRM (link and S7700 switches with software before is external) V200R003SPH012 allow remote attackers to cause a denial of service (switch restart) via crafted traffic. kamailio -- kamailio Heap-based buffer overflow in the encode_msg 2016-04-11 10.0 CVE-2016-2385 EXPLOIT-DB function in encode_msg.c in the SEAS module in (link is external) Kamailio (formerly OpenSER and SER) before CONFIRM (link 4.3.5 allows remote attackers to cause a denial of is external) MISC (link is service (memory corruption and process crash) external) or possibly execute arbitrary code via a large SIP BUGTRAQ packet. (link is external) CONFIRM DEBIAN DEBIAN MISC (link is external) lenovo -- Lenovo Fingerprint Manager before 8.01.57 and 2016-04-11 7.2 CVE-2016-2393 CONFIRM (link fingerprint_manager Touch Fingerprint before 1.00.08 use weak ACLs is external) for unspecified (1) services and (2) files, which allows local users to gain privileges by invalidating local checks. microsoft -- windows_10 Hyper-V in Microsoft Windows 8.1, Windows 2016-04-12 7.2 CVE-2016-0088 MS (link is Server 2012 Gold and R2, and Windows 10 allows external) guest OS users to execute arbitrary code on the host OS via a crafted application, aka "Hyper-V Remote Code Execution Vulnerability." microsoft -- excel Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2016-04-12 9.3 CVE-2016-0122 MS (link is 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word external) 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." microsoft -- office Microsoft Word 2007 SP3, Office 2010 SP2, Word 2016-04-12 9.3 CVE-2016-0127 MS (link is 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, external) Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." microsoft -- windows_10 The Secondary Logon Service in Microsoft 2016-04-12 7.2 CVE-2016-0135 MS (link is Windows 10 Gold and 1511 allows local users to external) gain privileges via a crafted application, aka "Secondary Logon Elevation of Privilege Vulnerability." microsoft -- excel Microsoft Excel 2007 SP3, Excel 2010 SP2, Office 2016-04-12 9.3 CVE-2016-0136 MS (link is Compatibility Pack SP3, Excel Services on external) SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." microsoft -- excel Microsoft Excel 2010 SP2, Word for Mac 2011, 2016-04-12 9.3 CVE-2016-0139 MS (link is and Excel Viewer allow remote attackers to external) execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." microsoft -- windows_10 The kernel-mode driver in Microsoft Windows 2016-04-12 7.2 CVE-2016-0143 MS (link is Vista SP2, Windows Server 2008 SP2 and R2 SP1, external) Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0165 and CVE-2016-0167. microsoft -- The font library in Microsoft Windows Vista SP2; 2016-04-12 9.3 CVE-2016-0145 MS (link is .net_framework Windows Server 2008 SP2 and R2 SP1; Windows external) 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold and 1511; Office 2007 SP3 and 2010 SP2; Word Viewer; .NET Framework 3.0 SP2, 3.5, and 3.5.1; Skype for Business 2016; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Graphics Memory Corruption Vulnerability." microsoft -- Microsoft XML Core Services 3.0 allows remote 2016-04-12 9.3 CVE-2016-0147 MS (link is xml_core_services attackers to execute arbitrary code via a crafted external) web site, aka "MSXML 3.0 Remote Code Execution Vulnerability." microsoft -- Microsoft .NET Framework 4.6 and 4.6.1 2016-04-12 7.2 CVE-2016-0148 .net_framework mishandles library loading, which allows local MS (link is external) users to gain privileges via a crafted application, aka ".NET Framework Remote Code Execution Vulnerability." microsoft -- windows_10 HTTP.sys in Microsoft Windows 10 Gold and 2016-04-12 7.8 CVE-2016-0150 MS (link is 1511 allows remote attackers to cause a denial of external) service (system hang) via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." microsoft -- windows_10 The Client-Server Run-time Subsystem (CSRSS) in 2016-04-12 7.2 CVE-2016-0151 MS (link is Microsoft Windows 8.1, Windows Server 2012 external) Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mismanages process tokens, which allows local users to gain privileges via a crafted application, aka "Windows CSRSS Security Feature Bypass Vulnerability." microsoft -- windows_7 OLE in Microsoft Windows Vista SP2, Windows 2016-04-12 9.3 CVE-2016-0153 MS (link is Server 2008 SP2 and R2 SP1, Windows 7 SP1, external) Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Remote Code Execution Vulnerability." microsoft -- edge Microsoft Internet Explorer 9 through 11 and 2016-04-12 7.6 CVE-2016-0154 MS (link is Microsoft Edge allow remote attackers to external) execute arbitrary code or cause a denial of MS (link is service (memory corruption) via a crafted web external) site, aka "Microsoft Browser Memory Corruption Vulnerability." microsoft -- edge Microsoft Edge allows remote attackers to 2016-04-12 7.6 CVE-2016-0155 MS (link is execute arbitrary code or cause a denial of external) service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE- 2016-0156 and CVE-2016-0157. microsoft -- edge Microsoft Edge allows remote attackers to 2016-04-12 7.6 CVE-2016-0156 MS (link is execute arbitrary code or cause a denial of external) service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE- 2016-0155 and CVE-2016-0157. microsoft -- edge Microsoft Edge allows remote attackers to 2016-04-12 7.6 CVE-2016-0157 MS (link is execute arbitrary code or cause a denial of external) service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE- 2016-0155 and CVE-2016-0156. microsoft -- Microsoft Internet Explorer 9 allows remote 2016-04-12 7.6 CVE-2016-0159 MS (link is internet_explorer attackers to execute arbitrary code or cause a external) denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." microsoft -- Microsoft Internet Explorer 11 mishandles DLL 2016-04-12 7.2 CVE-2016-0160 MS (link is internet_explorer loading, which allows local users to gain external) privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability." microsoft -- Microsoft Internet Explorer 10 and 11 allows 2016-04-12 7.6 CVE-2016-0164 MS (link is internet_explorer remote attackers to execute arbitrary code or external) cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." microsoft -- windows_10 The kernel-mode driver in Microsoft Windows 2016-04-12 7.2 CVE-2016-0165 MS (link is Vista SP2, Windows Server 2008 SP2 and R2 SP1, external) Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0143 and CVE-2016-0167. microsoft -- Microsoft Internet Explorer 11 allows remote 2016-04-12 7.6 CVE-2016-0166 MS (link is internet_explorer attackers to execute arbitrary code or cause a external) denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." microsoft -- windows_10 The kernel-mode driver in Microsoft Windows 2016-04-12 7.2 CVE-2016-0167 Vista SP2, Windows Server 2008 SP2 and R2 SP1, MS (link is external) Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0143 and CVE-2016-0165. oar_project -- oar The oarsh script in OAR before 2.5.7 allows 2016-04-11 9.0 CVE-2016-1235 CONFIRM (link remote authenticated users of a cluster to obtain is external) sensitive information and possibly gain CONFIRM (link privileges via vectors related to OpenSSH is external) DEBIAN options. otr -- pidgin-otr Use-after-free vulnerability in the 2016-04-11 10.0 CVE-2015-8833 MLIST (link is create_smp_dialog function in gtk-dialog.c in external) the Off-the-Record Messaging (OTR) pidgin-otr CONFIRM (link plugin before 4.0.2 for Pidgin allows remote is external) CONFIRM (link attackers to execute arbitrary code via vectors is external) related to the "Authenticate buddy" menu item. CONFIRM (link is external) MISC MLIST (link is external) MLIST (link is external) paloaltonetworks -- pan- The management web interface in Palo Alto 2016-04-12 10.0 CVE-2016-3655 CONFIRM (link os Networks PAN-OS before 5.0.18, 6.0.x before is external) 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to execute arbitrary OS commands via an unspecified API call. paloaltonetworks -- pan- Buffer overflow in the GlobalProtect Portal in 2016-04-12 10.0 CVE-2016-3657 CONFIRM (link os Palo Alto Networks PAN-OS before 5.0.18, 6.0.x is external) before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to cause a denial of service (device crash) or possibly execute arbitrary code via an SSL VPN request. postgresql -- postgresql The (1) brin_page_type and (2) 2016-04-11 8.5 CVE-2016-3065 CONFIRM brin_metapage_info functions in the SECTRACK pageinspect extension in PostgreSQL before (link is external) 9.5.x before 9.5.2 allows attackers to bypass CONFIRM intended access restrictions and consequently CONFIRM obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page. prepopulate_project -- The Prepopulate module 7.x-2.x before 7.x-2.1 2016-04-08 7.5 CVE-2016-3187 MISC prepopulate for Drupal allows remote attackers to modify the CONFIRM REQUEST superglobal array, and consequently CONFIRM have unspecified impact, via a base64-encoded pp parameter. prepopulate_project -- The _prepopulate_request_walk function in the 2016-04-08 7.5 CVE-2016-3188 MISC prepopulate Prepopulate module 7.x-2.x before 7.x-2.1 for CONFIRM Drupal allows remote attackers to modify the (1) CONFIRM actions, (2) container, (3) token, (4) password, (5) password_confirm, (6) text_format, or (7) markup field type, and consequently have unspecified impact, via unspecified vectors. redhat -- openstack The TripleO Heat templates (tripleo-heat- 2016-04-11 7.5 CVE-2015-5329 REDHAT (link templates), as used in Red Hat Enterprise Linux is external) OpenStack Platform 7.0, do not properly use the configured RabbitMQ credentials, which makes it easier for remote attackers to obtain access to services in deployed overclouds by leveraging knowledge of the default credentials. spip -- spip SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 2016-04-08 7.5 CVE-2016-3153 CONFIRM (link 3.1.x before 3.1.1 allows remote attackers to is external) execute arbitrary PHP code by adding content, CONFIRM (link related to the filtrer_entites function. is external) DEBIAN spip -- spip The encoder_contexte_ajax function in 2016-04-08 7.5 CVE-2016-3154 CONFIRM (link ecrire/inc/filtres.php in SPIP 2.x before 2.1.19, is external) 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows CONFIRM (link remote attackers to conduct PHP object injection is external) DEBIAN attacks and execute arbitrary PHP code via a crafted serialized object. Medium Severity Vulnerabilities The Primary Description Date Published CVSS The CVE Vendor --- Product Score Identity adobe -- robohelp Adobe RoboHelp Server 9 before 9.0.1 mishandles 2016-04-12 5.0 CVE-2016-1035 CONFIRM (link SQL queries, which allows attackers to obtain is external) sensitive information via unspecified vectors. apache -- ranger Cross-site scripting (XSS) vulnerability in the Policy 2016-04-11 4.3 CVE-2015-0265 MLIST Admin Tool in Apache Ranger before 0.5.0 allows CONFIRM remote attackers to inject arbitrary web script or MISC (link is HTML via the HTTP User-Agent header. external) BID (link is external) apache -- ranger The Policy Admin Tool in Apache Ranger before 2016-04-11 6.5 CVE-2015-0266 MLIST 0.5.0 allows remote authenticated users to bypass CONFIRM intended access restrictions via direct access to MISC (link is module URLs. external) BID (link is external) apache -- ofbiz Cross-site scripting (XSS) vulnerability in the 2016-04-12 4.3 CVE-2015-3268 CONFIRM DisplayEntityField.getDescription method in CONFIRM ModelFormField.java in Apache OFBiz before CONFIRM 12.04.06 and 13.07.x before 13.07.03 allows remote CONFIRM BUGTRAQ attackers to inject arbitrary web script or HTML via (link is external) the description attribute of a display-entity MISC (link is element. external) apache -- ranger The Policy Admin Tool in Apache Ranger before 2016-04-12 4.0 CVE-2015-5167 MLIST 0.5.1 allows remote authenticated users to bypass CONFIRM intended access restrictions via the REST API. BID (link is external) apache -- wicket Cross-site scripting (XSS) vulnerability in the 2016-04-12 4.3 CVE-2015-5347 CONFIRM getWindowOpenJavaScript function in SECTRACK org.apache.wicket.extensions.ajax.markup.html.mo (link is external) dal.ModalWindow in Apache Wicket 1.5.x before CONFIRM 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 might allow remote attackers to inject arbitrary web script or HTML via a ModalWindow title. apache -- wicket Multiple cross-site scripting (XSS) vulnerabilities in 2016-04-12 4.3 CVE-2015-7520 the (1) RadioGroup and (2) CheckBoxMultipleChoice SECTRACK (link is external) classes in Apache Wicket 1.5.x before 1.5.15, 6.x CONFIRM before 6.22.0, and 7.x before 7.2.0 allow remote attackers to inject arbitrary web script or HTML via a crafted "value" attribute in a element. apache -- The sendHashByUser function in Apache 2016-04-11 5.0 CVE-2016-0783 CONFIRM openmeetings OpenMeetings before 3.1.1 generates predictable CONFIRM password reset tokens, which makes it easier for BUGTRAQ remote attackers to reset arbitrary user passwords (link is external) MISC (link is by leveraging knowledge of a user name and the external) current system time. MISC (link is external) apache -- Directory traversal vulnerability in the 2016-04-11 4.0 CVE-2016-0784 CONFIRM openmeetings Import/Export System Backups functionality in EXPLOIT-DB Apache OpenMeetings before 3.1.1 allows remote (link is external) authenticated administrators to write to arbitrary CONFIRM BUGTRAQ files via a .. (dot dot) in a ZIP archive entry. (link is external) MLIST (link is external) MISC (link is external) MISC (link is external) apache -- struts Apache Struts 2.x before 2.3.25 does not sanitize 2016-04-12 4.3 CVE-2016-2162 SECTRACK text in the Locale object constructed by (link is external) I18NInterceptor, which might allow remote CONFIRM attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors involving language display. apache -- Cross-site scripting (XSS) vulnerability in Apache 2016-04-11 4.3 CVE-2016-2163 CONFIRM openmeetings OpenMeetings before 3.1.1 allows remote attackers CONFIRM to inject arbitrary web script or HTML via the event BUGTRAQ description when creating an event. (link is external) MISC (link is external) apache -- The (1) FileService.importFileByInternalUserId and 2016-04-11 5.0 CVE-2016-2164 CONFIRM openmeetings (2) FileService.importFile SOAP API methods in CONFIRM Apache OpenMeetings before 3.1.1 improperly use BUGTRAQ the Java URL class without checking the specified (link is external) MISC (link is protocol handler, which allows remote attackers to external) read arbitrary files by attempting to upload a file. apache -- The (1) proton.reactor.Connector, (2) 2016-04-12 5.8 CVE-2016-2166 CONFIRM qpid_proton proton.reactor.Container, and (3) CONFIRM proton.utils.BlockingConnection classes in Apache CONFIRM Qpid Proton before 0.12.1 improperly use an BUGTRAQ (link is external) unencrypted connection for an amqps URI scheme MISC (link is when SSL support is unavailable, which might allow external) man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors. apache -- jetspeed The User Manager service in Apache Jetspeed 2016-04-11 6.4 CVE-2016-2171 CONFIRM before 2.3.1 does not properly restrict access using MLIST Jetspeed Security, which allows remote attackers to MISC (link is (1) add, (2) edit, or (3) delete users via the REST API. external) apache -- struts Cross-site scripting (XSS) vulnerability in the 2016-04-12 4.3 CVE-2016-4003 CONFIRM URLDecoder function in JRE before 1.8, as used in SECTRACK Apache Struts 2.x before 2.3.28, when using a single (link is external) byte page encoding, allows remote attackers to CONFIRM inject arbitrary web script or HTML via multi-byte characters in a url-encoded parameter. atlassian -- Cross-site scripting (XSS) vulnerability in Atlassian 2016-04-11 4.3 CVE-2015-8398 BUGTRAQ confluence Confluence before 5.8.17 allows remote attackers to (link is external) inject arbitrary web script or HTML via the PATH_INFO to rest/prototype/1/session/check. atlassian -- Atlassian Confluence before 5.8.17 allows remote 2016-04-11 4.0 CVE-2015-8399 BUGTRAQ confluence authenticated users to read configuration files via (link is external) the decoratorName parameter to (1) spaces/viewdefaultdecorator.action or (2) admin/viewdefaultdecorator.action. cacti -- cacti SQL injection vulnerability in tree.php in Cacti 2016-04-12 6.5 CVE-2016-3172 MLIST (link is 0.8.8g and earlier allows remote authenticated external) users to execute arbitrary SQL commands via the MLIST (link is parent_id parameter in an item_edit action. external) MISC (link is external) cacti -- cacti SQL injection vulnerability in graph_view.php in 2016-04-11 6.5 CVE-2016-3659 FULLDISC Cacti 0.8.8.g allows remote authenticated users to MISC (link is execute arbitrary SQL commands via the external) host_group_data parameter. MISC (link is external) cisco -- Cross-site scripting (XSS) vulnerability in Cisco IP 2016-04-08 4.3 CVE-2016-1375 CISCO (link is ip_interoperability_ Interoperability and Collaboration System 4.10(1) external) and_collaboration_ allows remote attackers to inject arbitrary web system script or HTML via a crafted URL, aka Bug ID CSCuy12339. cisco -- Cross-site scripting (XSS) vulnerability in Cisco Unity 2016-04-12 4.3 CVE-2016-1377 CISCO (link is unity_connection Connection through 11.0 allows remote attackers to external) inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776. dhcpcd_project -- The decode_search function in dhcp.c in dhcpcd 3.x 2016-04-11 5.0 CVE-2012-6698 CONFIRM (link dhcpcd allows remote DHCP servers to cause a denial of is external) service (out-of-bounds write) via a crafted response. CONFIRM (link is external) MLIST (link is external) MLIST (link is external) DEBIAN dhcpcd_project -- The decode_search function in dhcp.c in dhcpcd 3.x 2016-04-11 5.0 CVE-2012-6699 CONFIRM (link dhcpcd allows remote DHCP servers to cause a denial of is external) service (out-of-bounds read) via a crafted response. CONFIRM (link is external) MLIST (link is external) MLIST (link is external) DEBIAN dhcpcd_project -- The decode_search function in dhcp.c in dhcpcd 3.x 2016-04-11 5.0 CVE-2012-6700 CONFIRM (link dhcpcd does not properly free allocated memory, which is external) allows remote DHCP servers to cause a denial of CONFIRM (link service via a crafted response. is external) MLIST (link is external) MLIST (link is external) DEBIAN django -- django The utils.http.is_safe_url function in Django before 2016-04-08 4.3 CVE-2016-2512 CONFIRM (link 1.8.10 and 1.9.x before 1.9.3 allows remote is external) attackers to redirect users to arbitrary web sites and CONFIRM (link conduct phishing attacks or possibly conduct cross- is external) REDHAT (link site scripting (XSS) attacks via a URL containing is external) basic authentication, as demonstrated by http://mysite.example.com\@attacker.com. drupal -- drupal Drupal 6.x before 6.38, 7.x before 7.43, and 8.x 2016-04-12 5.8 CVE-2016-3164 CONFIRM before 8.0.4 might allow remote attackers to MLIST (link is conduct open redirect attacks by leveraging (1) external) custom code or (2) a form shown on a 404 error MLIST (link is external) page, related to path manipulation. DEBIAN drupal -- drupal The Form API in Drupal 6.x before 6.38 ignores 2016-04-12 5.0 CVE-2016-3165 CONFIRM access restrictions on submit buttons, which might MLIST (link is allow remote attackers to bypass intended access external) restrictions by leveraging permission to submit a MLIST (link is external) form with a button that has "#access" set to FALSE DEBIAN in the server-side form definition. drupal -- drupal CRLF injection vulnerability in the 2016-04-12 4.3 CVE-2016-3166 CONFIRM drupal_set_header function in Drupal 6.x before MLIST (link is 6.38, when used with PHP before 5.1.2, allows external) remote attackers to inject arbitrary HTTP headers MLIST (link is external) and conduct HTTP response splitting attacks by DEBIAN leveraging a module that allows user-submitted data to appear in HTTP headers. drupal -- drupal Open redirect vulnerability in the drupal_goto 2016-04-12 5.8 CVE-2016-3167 CONFIRM function in Drupal 6.x before 6.38, when used with MLIST (link is PHP before 5.4.7, allows remote attackers to external) redirect users to arbitrary web sites and conduct MLIST (link is external) phishing attacks via a double-encoded URL in the DEBIAN "destination" parameter. drupal -- drupal The User module in Drupal 6.x before 6.38 and 7.x 2016-04-12 6.8 CVE-2016-3169 CONFIRM before 7.43 allows remote attackers to gain MLIST (link is privileges by leveraging contributed or custom external) code that calls the user_save function with an MLIST (link is external) explicit category and loads all roles into the array. DEBIAN drupal -- drupal The "have you forgotten your password" links in the 2016-04-12 5.0 CVE-2016-3170 CONFIRM User module in Drupal 7.x before 7.43 and 8.x MLIST (link is before 8.0.4 allow remote attackers to obtain external) sensitive username information by leveraging a MLIST (link is external) configuration that permits using an email address DEBIAN to login and a module that permits logging in. drupal -- drupal Drupal 6.x before 6.38, when used with PHP before 2016-04-12 6.8 CVE-2016-3171 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, CONFIRM MLIST (link is might allow remote attackers to execute arbitrary external) code via vectors related to session data truncation. MLIST (link is external) DEBIAN fortinet -- fortios The Web User Interface (WebUI) in FortiOS 5.0.x 2016-04-08 4.3 CVE-2016-3978 SECTRACK before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before (link is external) 5.4.0 allows remote attackers to redirect users to CONFIRM (link arbitrary web sites and conduct phishing attacks or is external) FULLDISC cross-site scripting (XSS) attacks via the "redirect" parameter to "login." google -- Kubernetes before 1.2.0-alpha.5 allows remote 2016-04-11 5.0 CVE-2015-7528 CONFIRM (link kubernetes attackers to read arbitrary pod logs via a container is external) name. CONFIRM (link is external) CONFIRM (link is external) REDHAT (link is external) REDHAT (link is external) huawei -- SQL injection vulnerability in Huawei Policy Center 2016-04-11 6.5 CVE-2016-3675 CONFIRM (link policy_center_firm with software before V100R003C10SPC020 allows is external) ware remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to system databases. huawei -- Huawei E3276s USB modems with software before 2016-04-11 5.8 CVE-2016-3676 CONFIRM (link e3276s_firmware E3276s-150TCPU-V200R002B436D09SP00C00 allow is external) man-in-the-middle attackers to intercept, spoof, or modify network traffic via unspecified vectors related to a fake network. jasper_project -- Double free vulnerability in the 2016-04-13 6.8 CVE-2016-1577 CONFIRM (link jasper jas_iccattrval_destroy function in JasPer 1.900.1 is external) and earlier allows remote attackers to cause a UBUNTU (link denial of service (crash) or possibly execute is external) MLIST (link is arbitrary code via a crafted ICC color profile in a external) JPEG 2000 image file, a different vulnerability than CVE-2014-8137. jasper_project -- Memory leak in the jas_iccprof_createfrombuf 2016-04-13 4.3 CVE-2016-2116 CONFIRM (link jasper function in JasPer 1.900.1 and earlier allows remote is external) attackers to cause a denial of service (memory UBUNTU (link is external) consumption) via a crafted ICC color profile in a MLIST (link is JPEG 2000 image file. external) lenovo -- The management interface in LenovoEMC EZ Media 2016-04-11 5.0 CVE-2015-8108 CONFIRM (link emc_firmware & Backup (hm3), ix2/ix2-dl, ix4-300d, px12- is external) 400r/450r, px6-300d, px2-300d, px4-300r, px4- 400d, px4-400r, and px4-300d NAS devices with firmware before 4.1.204.33661 allows remote attackers to obtain sensitive device information via unspecified vectors. mantisbt -- mantisbt Incomplete blacklist vulnerability in the 2016-04-11 5.0 CVE-2014-9759 CONFIRM config_is_private function in config_api.php in CONFIRM (link MantisBT 1.3.x before 1.3.0 allows remote attackers is external) to obtain sensitive master salt configuration MLIST (link is external) information via a SOAP API request. MLIST (link is external) mcafee -- McAfee Advanced Threat Defense (ATD) before 2016-04-08 5.0 CVE-2016-3983 CONFIRM (link advanced_threat_d 3.4.8.178 might allow remote attackers to bypass is external) efense malware detection by leveraging information about the parent process. microsoft -- The SAM and LSAD protocol implementations in 2016-04-12 4.3 CVE-2016-0128 MS (link is windows_10 Microsoft Windows Vista SP2, Windows Server 2008 external) SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, MISC Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows man-in-the- middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "Windows SAM and LSAD Downgrade Vulnerability" or "BADLOCK." microsoft -- edge Microsoft Edge allows remote attackers to bypass 2016-04-12 4.3 CVE-2016-0158 MS (link is the Same Origin Policy via unspecified vectors, aka external) "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE- 2016-0161. microsoft -- edge Microsoft Edge allows remote attackers to bypass 2016-04-12 4.3 CVE-2016-0161 MS (link is the Same Origin Policy via unspecified vectors, aka external) "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE- 2016-0158. microsoft -- Microsoft Internet Explorer 9 through 11 allows 2016-04-12 4.3 CVE-2016-0162 MS (link is internet_explorer remote attackers to determine the existence of files external) via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability." paloaltonetworks -- The GlobalProtect Portal in Palo Alto Networks PAN- 2016-04-12 5.0 CVE-2016-3656 CONFIRM (link pan-os OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before is external) 6.1.10, and 7.0.x before 7.0.5H2 allows remote attackers to cause a denial of service (service crash) via a crafted request. postgresql -- PostgreSQL before 9.5.x before 9.5.2 does not 2016-04-11 5.0 CVE-2016-2193 CONFIRM postgresql properly maintain row-security status in cached CONFIRM plans, which might allow attackers to bypass CONFIRM intended access restrictions by leveraging a session that performs queries as more than one role. puppetlabs -- Puppet Enterprise 2015.3 before 2015.3.1 allows 2016-04-11 6.5 CVE-2015-7330 CONFIRM (link puppet_enterprise remote attackers to bypass a host whitelist is external) protection mechanism by leveraging the Puppet SECTRACK communications protocol. (link is external) qemu -- qemu Stack-based buffer overflow in hw/scsi/scsi-bus.c in 2016-04-11 4.3 CVE-2015-5158 GENTOO QEMU, when built with SCSI-device emulation MLIST support, allows guest OS users with SECTRACK CAP_SYS_RAWIO permissions to cause a denial of (link is external) BID (link is service (instance crash) via an invalid opcode in a external) SCSI command descriptor block. redhat -- The calloc function in the glibc package in Red Hat 2016-04-08 5.0 CVE-2015-5229 CONFIRM (link enterprise_linux Enterprise Linux (RHEL) 6.7 and 7.2 does not is external) properly initialize memory areas, which might allow CONFIRM (link context-dependent attackers to cause a denial of is external) CONFIRM (link service (hang or crash) via unspecified vectors. is external) REDHAT (link is external) samba -- samba The MS-SAMR and MS-LSAD protocol 2016-04-12 4.3 CVE-2016-2118 CONFIRM implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man- in-the-middle attackers to perform protocol- downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK." sap -- java_as The Java Startup Framework (aka jstart) in SAP 2016-04-08 5.0 CVE-2016-3980 MISC (link is JAVA AS 7.4 allows remote attackers to cause a external) denial of service via a crafted HTTP request, aka SAP Security Note 2259547. siemens -- Siemens SCALANCE S613 allows remote attackers to 2016-04-08 5.0 CVE-2016-3963 CONFIRM (link scalance_s613 cause a denial of service (web-server outage) via is external) traffic to TCP port 443. silverstripe -- Multiple cross-site scripting (XSS) vulnerabilities in 2016-04-13 4.3 CVE-2015-8606 CONFIRM silverstripe SilverStripe CMS & Framework before 3.1.16 and MLIST (link is 3.2.x before 3.2.1 allow remote attackers to inject external) arbitrary web script or HTML via the (1) Locale or (2) MLIST (link is external) FailedLoginCount parameter to MLIST (link is admin/security/EditForm/field/Members/item/new/ external) ItemEditForm. FULLDISC zimbra -- Multiple cross-site request forgery (CSRF) 2016-04-08 6.8 CVE-2015-6541 EXPLOIT-DB zimbra_collaboratio vulnerabilities in the Mail interface in Zimbra (link is external) n_server Collaboration Server (ZCS) before 8.5 allow remote CONFIRM (link attackers to hijack the authentication of arbitrary is external) FULLDISC users for requests that change account preferences via a SOAP request to service/soap/BatchRequest. Low Severity Vulnerabilities

The Primary Description Date Published CVSS The CVE Vendor --- Product Score Identity django -- django The password hasher in contrib/auth/hashers.py in 2016-04-08 2.6 CVE-2016-2513 CONFIRM (link Django before 1.8.10 and 1.9.x before 1.9.3 allows is external) remote attackers to enumerate users via a timing CONFIRM (link attack involving login requests. is external) REDHAT (link is external) microsoft -- Hyper-V in Microsoft Windows 8.1, Windows Server 2016-04-12 2.1 CVE-2016-0089 MS (link is windows_10 2012 Gold and R2, and Windows 10 allows guest OS external) users to obtain sensitive information from host OS memory via a crafted application, aka "Hyper-V Information Disclosure Vulnerability." microsoft -- Hyper-V in Microsoft Windows 8.1, Windows Server 2016-04-12 2.1 CVE-2016-0090 MS (link is windows_10 2012 R2, and Windows 10 allows guest OS users to external) obtain sensitive information from host OS memory via a crafted application, aka "Hyper-V Information Disclosure Vulnerability." novell -- leap The mysql-systemd-helper script in the mysql- 2016-04-08 2.1 CVE-2015-5969 SUSE (link is community-server package before 5.6.28-2.17.1 in external) openSUSE 13.2 and before 5.6.28-13.1 in openSUSE CONFIRM (link Leap 42.1 and the mariadb package before 10.0.22- is external) SUSE 2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap SUSE 42.1 allows local users to discover database credentials by listing a process and its arguments. qemu -- qemu The net_checksum_calculate function in 2016-04-11 2.1 CVE-2016-2857 MLIST (link is net/checksum.c in QEMU allows guest OS users to external) cause a denial of service (out-of-bounds heap read MLIST (link is and crash) via the payload length in a crafted packet. external) CONFIRM

• Sources: http://nvd.nist.gov (For more information visit the National Vulnerabilities Database (NVD) which contains a database of every vulnerability that has ever been published). Uganda Communications Commission – UGCERT Email: [email protected] Tel + 256 414 302 100/150 Toll Free: 0800 133 911 Website www.ug-cert.ug Face book / Twitter: UGCERT