|
273681
|
7.8 |
HIGH
Local
|
xen
|
xen
|
Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10013
|
2024-11-21 11:43 |
2017-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273682
|
7.5 |
HIGH
Network
|
php
|
php
|
The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application c…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-10162
|
2024-11-21 11:43 |
2017-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273683
|
7.5 |
HIGH
Network
|
php
|
php
|
The object_common1 function in ext/standard/var_unserializer.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (buffer over-read…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-10161
|
2024-11-21 11:43 |
2017-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273684
|
9.8 |
CRITICAL
Network
|
php
netapp
debian
|
php
clustered_data_ontap
debian_linux
|
Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possib…
|
CWE-193
Off-by-one Error
|
CVE-2016-10160
|
2024-11-21 11:43 |
2017-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273685
|
7.5 |
HIGH
Network
|
php
debian
|
php
debian_linux
|
Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or applic…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-10159
|
2024-11-21 11:43 |
2017-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273686
|
7.5 |
HIGH
Network
|
php
|
php
|
The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via …
|
CWE-189
Numeric Errors
|
CVE-2016-10158
|
2024-11-21 11:43 |
2017-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273687
|
9.8 |
CRITICAL
Network
|
akamai
|
netsession
|
Akamai NetSession 1.9.3.1 is vulnerable to DLL Hijacking: it tries to load CSUNSAPI.dll without supplying the complete path. The issue is aggravated because the mentioned DLL is missing from the inst…
|
CWE-94
Code Injection
|
CVE-2016-10157
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273688
|
7.8 |
HIGH
Local
|
systemd_project
|
systemd
|
A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. Th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10156
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273689
|
5.9 |
MEDIUM
Network
|
hiteksoftware
|
automize
|
Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-10104
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273690
|
8.1 |
HIGH
Network
|
hiteksoftware
|
automize
|
Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for G…
|
CWE-255
CWE-326
Credentials Management
Inadequate Encryption Strength
|
CVE-2016-10103
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
