Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-1586

EPSS 0.18% · P39
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2016-1586

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A malicious webview could install long-lived unload handlers that re-use an incognito BrowserContext that is queued for destruction in versions of Oxide before 1.18.3.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Oxide 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Oxide是一个支持在应用程序中嵌入基于Chromium(Google Chrome浏览器所使用的引擎)的WebView的库。 Oxide 1.18.3之前版本中存在输入验证错误漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
UbuntuOxide unspecified ~ 1.18.3 -

II. Public POCs for CVE-2016-1586

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2016-1586

登录查看更多情报信息。

Same Patch Batch · Ubuntu · 2019-04-22 · 15 CVEs total

CVE-2014-1426get_file_by_name does not check owner
CVE-2014-1427MAAS API vulnerable to CSRF attack
CVE-2014-1428uuid.uuid1() is not suitable as an unguessable identifier/token
CVE-2015-1316Juju Joyent provider uploads user's private ssh key by default
CVE-2015-1320Probe-and-enlist for SeaMicro chassis writes password to the log
CVE-2015-1326python-dbusmock arbitrary code execution or file overwrite when templates are loaded from
CVE-2015-1327Content-hub DBUS API doesn't prevent confined apps from passing paths to files without acc
CVE-2015-1340chmod race in doUidshiftIntoContainer
CVE-2015-1341Apport privilege escalation through Python module imports
CVE-2015-1343unity-scope-gdrive search feature logs search terms to syslog
CVE-2016-1573Using a specially crafted fallback art property, scopes can execute arbitrary QML code in
CVE-2016-1579UDM doesn't check for confinement before running post-processing commands
CVE-2016-1584Unity8 converged application lifecycle allows background applications to use on-screen key
CVE-2016-1587Snapweb interface 访问控制错误漏洞

IV. Related Vulnerabilities

Same vendor: Ubuntu

V. Comments for CVE-2016-1586

No comments yet

Leave a comment