|
273491
|
8.1 |
HIGH
Network
|
sap
|
hana
|
The SQL interface in SAP HANA before Revision 102 does not limit the number of login attempts for the SYSTEM user when the password_lock_for_system_user is not supported or is configured as "False," …
|
CWE-284
Improper Access Control
|
CVE-2016-6144
|
2024-11-21 11:55 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273492
|
9.8 |
CRITICAL
Network
|
sap
|
trex
|
SAP TREX 7.10 Revision 63 allows remote attackers to write to arbitrary files via vectors related to RFC-Gateway, aka SAP Security Note 2203591.
|
CWE-284
Improper Access Control
|
CVE-2016-6140
|
2024-11-21 11:55 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273493
|
9.8 |
CRITICAL
Network
|
sap
|
trex
|
SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
|
NVD-CWE-noinfo
|
CVE-2016-6139
|
2024-11-21 11:55 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273494
|
9.8 |
CRITICAL
Network
|
sap
|
trex
|
Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
|
CWE-22
Path Traversal
|
CVE-2016-6138
|
2024-11-21 11:55 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273495
|
6.2 |
MEDIUM
Local
|
xen citrix
|
xen xenserver
|
Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial …
|
CWE-20
Improper Input Validation
|
CVE-2016-6259
|
2024-11-21 11:55 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273496
|
8.8 |
HIGH
Local
|
xen citrix
|
xen xenserver
|
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
|
CWE-284
Improper Access Control
|
CVE-2016-6258
|
2024-11-21 11:55 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273497
|
7.5 |
HIGH
Network
|
canonical kde
|
ubuntu_linux karchives
|
Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, r…
|
CWE-22
Path Traversal
|
CVE-2016-6232
|
2024-11-21 11:55 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273498
|
7.8 |
HIGH
Local
|
huawei
|
p8_smartphone_firmware
|
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted applica…
|
CWE-264 NVD-CWE-noinfo
Permissions, Privileges, and Access Controls
|
CVE-2016-6193
|
2024-11-21 11:55 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273499
|
7.3 |
HIGH
Local
|
huawei
|
p8_smartphone_firmware
|
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted applica…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6192
|
2024-11-21 11:55 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273500
|
9.8 |
CRITICAL
Network
|
huawei
|
ne5000e_firmware cloudengine_12800_firmware ptn_6900-2-m8_firmware cx600_firmware ne40e_firmware
|
Huawei NE40E and CX600 devices with software before V800R007SPH017; PTN 6900-2-M8 devices with software before V800R007SPH019; NE5000E devices with software before V800R006SPH018; and CloudEngine dev…
|
CWE-20
Improper Input Validation
|
CVE-2016-6178
|
2024-11-21 11:55 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|