CVE-2016-2231

CRITICAL Year: 2016
CVSS v3 Score
9.8
Critical
CVSS v2 Score
9.0
Critical
Weakness Type
CWE-19
View all →

Vulnerability Description

The Windows-based Host Interface Program (WHIP) service on Huawei SmartAX MT882 devices V200R002B022 Arg relies on the client to send a length field that is consistent with a buffer size, which allows remote attackers to cause a denial of service (device outage) or possibly have unspecified other impact via crafted traffic on TCP port 8701.

Related Vulnerabilities

CVE-2012-5357

CRITICAL
CVSS:9.8(Critical)

Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code with NETWORK SERVICE p...

CWE-192012

CVE-2012-5358

CRITICAL
CVSS:9.8(Critical)

The XSLTCompiledTransform function in Ektron Content Management System (CMS) before 8.02 SP5 configures the XSL with enableDocumentFunction set to true, which allows remote attackers to read arbitrary...

CWE-192012

CVE-2014-10039

CRITICAL
CVSS:9.8(Critical)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, SD 400, and SD 800, calling qsee_app_entry_return() without first calling qsee_app_entry() will caus...

CWE-192014

CVE-2014-9693

CRITICAL
CVSS:9.8(Critical)

Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285 V2 V100R002C00SPC115 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285H V2 V100R0...

CWE-192014

CVE-2015-3991

CRITICAL
CVSS:9.8(Critical)

strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code.

CWE-192015

CVE-2015-5344

CRITICAL
CVSS:9.8(Critical)

The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.

CWE-192015