CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2016-4810
https://notcve.org/view.php?id=CVE-2016-4810
Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow attackers to set Access Policy rules on the XenDesktop Delivery Controller via unspecified vectors. Citrix Studio en versiones anteriores a 7.6.1000, Citrix XenDesktop 7.x en versiones anteriores a 7.6 LTSR Cumulative Update 1 (CU1) y Citrix XenApp 7.5 y 7.6 permiten a atacantes establecer reglas Access Policy en el XenDesktop Delivery Controller a través de vectores no especificados. • http://support.citrix.com/article/CTX213045 http://www.securitytracker.com/id/1036021 • CWE-284: Improper Access Control •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4945 – Citrix Netscaler 11.0 Build 64.35 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2016-4945
Cross-site scripting (XSS) vulnerability in vpn/js/gateway_login_form_view.js in Citrix NetScaler Gateway 11.0 before Build 66.11 allows remote attackers to inject arbitrary web script or HTML via the NSC_TMAC cookie. Vulnerabilidad de XSS en vpn/js/gateway_login_form_view.js en Citrix NetScaler Gateway 11.0 en versiones anteriores a Build 66.11 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de la cookie NSC_TMAC. The login page of the Citrix Netscaler Gateway web front-end is vulnerable to a DOM-based cross site scripting (XSS) vulnerability due to improper sanitization of the content of the "NSC_TMAC" cookie. • http://packetstormsecurity.com/files/137221/Citrix-Netscaler-11.0-Build-64.35-Cross-Site-Scripting.html http://persicon.com/tl_files/advisories/PERSICON-advisory-2016-No-1-citrix.txt http://support.citrix.com/article/CTX213313 http://www.securityfocus.com/archive/1/538515/100/0/threaded http://www.securitytracker.com/id/1036020 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 0CVE-2016-3712 – qemu-kvm: Out-of-bounds read when creating weird vga screen surface
https://notcve.org/view.php?id=CVE-2016-3712
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode. Desbordamiento de entero en el módulo VGA en QEMU permite a usuarios de SO invitado locales provocar una denegación de servicio (lectura fuera de límites y caída de proceso QEMU) editando registros VGA en modo VBE. An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU's VGA emulator set certain VGA registers while in VBE mode. A privileged guest user could use this flaw to crash the QEMU process instance. • http://rhn.redhat.com/errata/RHSA-2016-2585.html http://rhn.redhat.com/errata/RHSA-2017-0621.html http://support.citrix.com/article/CTX212736 http://www.debian.org/security/2016/dsa-3573 http://www.openwall.com/lists/oss-security/2016/05/09/4 http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://www.securityfocus.com/bid/90314 http://www.securitytracker.com/id/1035794 http://www.ubuntu.com/usn/USN-2974-1 http://xenbits.xen.org/ • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 47EXPL: 0CVE-2016-3710 – qemu: incorrect banked access bounds checking in vga module
https://notcve.org/view.php?id=CVE-2016-3710
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue. El módulo VGA en QEMU lleva a cabo incorrectamente comprobaciones de límites sobre acceso almacenado a la memoria de vídeo, lo que permite a administradores locales de SO invitado ejecutar código arbitrario sobre el anfitrión cambiando los modos de acceso después de establecer el banco de registros, también conocido como el problema "Dark Portal". An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions (VBE) support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process. • http://rhn.redhat.com/errata/RHSA-2016-0724.html http://rhn.redhat.com/errata/RHSA-2016-0725.html http://rhn.redhat.com/errata/RHSA-2016-0997.html http://rhn.redhat.com/errata/RHSA-2016-0999.html http://rhn.redhat.com/errata/RHSA-2016-1000.html http://rhn.redhat.com/errata/RHSA-2016-1001.html http://rhn.redhat.com/errata/RHSA-2016-1002.html http://rhn.redhat.com/errata/RHSA-2016-1019.html http://rhn.redhat.com/errata/RHSA-2016-1943.html http://suppor • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7999
https://notcve.org/view.php?id=CVE-2015-7999
Multiple SQL injection vulnerabilities in the Administration Web UI servlets in Citrix Command Center before 5.1 Build 36.7 and 5.2 before Build 44.11 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Múltiples vulnerbilidades de inyección SQL en los servlets Administration Web UI en Citrix Command Center en versiones anteriores a 5.1 Build 36.7 y 5.2 en versiones anteriores a Build 44.11 permiten a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a través de vectores no especificados. • http://support.citrix.com/article/CTX203787 http://www.securityfocus.com/bid/79659 http://www.securitytracker.com/id/1034520 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •