Total
5231 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-6564 | 7 Beeline, Bluproducts, Doogee and 4 more | 38 Pro 2, Pro 2 Firmware, Studio 6.0 Hd and 35 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks. Additionally, there are multiple techniques used to hide the execution of this binary. This behavior could be described as a rootkit. This binary, which resides as /system/bin/debugs, runs with root privileges and does not communicate over an encrypted channel. The binary has been shown to communicate with three hosts via HTTP: oyag[.]lhzbdvm[.]com oyag[.]prugskh[.]net oyag[.]prugskh[.]com Server responses to requests sent by the debugs binary include functionalities to execute arbitrary commands as root, install applications, or update configurations. Examples of a request sent by the client binary: POST /pagt/agent?data={"name":"c_regist","details":{...}} HTTP/1. 1 Host: 114.80.68.223 Connection: Close An example response from the server could be: HTTP/1.1 200 OK {"code": "01", "name": "push_commands", "details": {"server_id": "1" , "title": "Test Command", "comments": "Test", "commands": "touch /tmp/test"}} This binary is reported to be present in the following devices: BLU Studio G BLU Studio G Plus BLU Studio 6.0 HD BLU Studio X BLU Studio X Plus BLU Studio C HD Infinix Hot X507 Infinix Hot 2 X510 Infinix Zero X506 Infinix Zero 2 X509 DOOGEE Voyager 2 DG310 LEAGOO Lead 5 LEAGOO Lead 6 LEAGOO Lead 3i LEAGOO Lead 2S LEAGOO Alfa 6 IKU Colorful K45i Beeline Pro 2 XOLO Cube 5.0 | |||||
| CVE-2016-6536 | 1 Aver | 2 Eh6108h\+, Eh6108h\+ Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The /setup URI on AVer Information EH6108H+ devices with firmware X9.03.24.00.07l allows remote attackers to bypass intended page-access restrictions or modify passwords by leveraging knowledge of a handle parameter value. | |||||
| CVE-2016-6527 | 1 Samsung | 1 Samsung Mobile | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | |||||
| CVE-2016-6526 | 1 Samsung | 1 Samsung Mobile | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | |||||
| CVE-2016-6492 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek driver for Linux allows local users to gain privileges via a crafted application that makes an MT6573FDVTIOC_T_SET_FDCONF_CMD IOCTL call. | |||||
| CVE-2016-6486 | 1 Siemens | 1 Sinema Server | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Siemens SINEMA Server uses weak permissions for the application folder, which allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2016-6470 | 1 Cisco | 1 Hybrid Media Service | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb81344. Known Affected Releases: 1.0. | |||||
| CVE-2016-6449 | 1 Cisco | 1 Fireamp Connector Endpoint Software | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAMP processes without requiring a password. Stopping certain critical processes could cause a denial of service (DoS) condition, and certain security features could no longer be available. More Information: CSCvb40597. Known Affected Releases: 1. | |||||
| CVE-2016-6438 | 1 Cisco | 1 Ios Xe | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device. This vulnerability affects the following releases of Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers: All 3.16S releases, All 3.17S releases, Release 3.18.0S, Release 3.18.1S, Release 3.18.0SP. More Information: CSCuz62815. Known Affected Releases: 15.5(3)S2.9, 15.6(2)SP. Known Fixed Releases: 15.6(1.7)SP1, 16.4(0.183), 16.5(0.1). | |||||
| CVE-2016-6430 | 1 Cisco | 1 Ip Interoperability And Collaboration System | 2024-11-21 | 6.6 MEDIUM | 7.8 HIGH |
| A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated with their session. More Information: CSCva38636. Known Affected Releases: 4.10(1). Known Fixed Releases: 5.0(1). | |||||
| CVE-2016-6428 | 1 Cisco | 1 Ios Xr | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Cisco IOS XR 6.1.1 allows local users to execute arbitrary OS commands as root by leveraging admin privileges, aka Bug ID CSCva38349. | |||||
| CVE-2016-6420 | 1 Cisco | 1 Firesight System Software | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467. | |||||
| CVE-2016-6413 | 1 Cisco | 1 Application Policy Infrastructure Controller | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| The installation procedure on Cisco Application Policy Infrastructure Controller (APIC) devices 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCva50496. | |||||
| CVE-2016-6406 | 1 Cisco | 1 Email Security Appliance Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client before 1.0.2-065 is installed, allows remote attackers to obtain root access via a connection to the testing/debugging interface, aka Bug ID CSCvb26017. | |||||
| CVE-2016-6402 | 1 Cisco | 1 Unified Computing System | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263. | |||||
| CVE-2016-6394 | 1 Cisco | 1 Firesight System Software | 2024-11-21 | 5.8 MEDIUM | 9.1 CRITICAL |
| Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503. | |||||
| CVE-2016-6369 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464. | |||||
| CVE-2016-6362 | 1 Cisco | 1 Aironet Access Point Software | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725. | |||||
| CVE-2016-6325 | 2 Apache, Redhat | 11 Tomcat, Enterprise Linux, Enterprise Linux Desktop and 8 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group. | |||||
| CVE-2016-6322 | 1 Redhat | 2 Enterprise Linux, Quickstart Cloud Installer | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
| Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file. | |||||