|
266601
|
7.5 |
HIGH
Network
|
omnimetrix
|
omniview
|
An issue was discovered in OmniMetrix OmniView, Version 1.2. Insufficient password requirements for the OmniView web application may allow an attacker to gain access by brute forcing account password…
|
CWE-284
Improper Access Control
|
CVE-2016-5801
|
2024-11-21 11:55 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266602
|
7.5 |
HIGH
Network
|
fatek
|
automation_fv_designer
automation_pm_designer
|
An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based bu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5798
|
2024-11-21 11:55 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266603
|
8.8 |
HIGH
Network
|
fatek
|
automation_fv_designer
automation_pm_designer
|
An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. Sending additional valid packets could allow the attacker to cause a crash or t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5796
|
2024-11-21 11:55 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266604
|
7.5 |
HIGH
Network
|
omnimetrix
|
omniview
|
An issue was discovered in OmniMetrix OmniView, Version 1.2. The OmniView web application transmits credentials with the HTTP protocol, which could be sniffed by an attacker that may result in the co…
|
CWE-200
Information Exposure
|
CVE-2016-5786
|
2024-11-21 11:55 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266605
|
8.6 |
HIGH
Network
|
locusenergy
|
lgate_firmware
|
An issue was discovered in Locus Energy LGate prior to 1.05H, LGate 50, LGate 100, LGate 101, LGate 120, and LGate 320. Locus Energy meters use a PHP script to manage the energy meter parameters for …
|
CWE-20
Improper Input Validation
|
CVE-2016-5782
|
2024-11-21 11:55 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266606
|
7.5 |
HIGH
Network
|
op-tee
libtom
|
op-tee_os
libtomcrypt
|
The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes i…
|
CWE-20
Improper Input Validation
|
CVE-2016-6129
|
2024-11-21 11:55 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266607
|
5.9 |
MEDIUM
Network
|
openbsd
|
openssh
|
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enu…
|
CWE-200
Information Exposure
|
CVE-2016-6210
|
2024-11-21 11:55 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266608
|
7.5 |
HIGH
Network
|
nlnetlabs
|
nsd
|
NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.
|
CWE-399
Resource Management Errors
|
CVE-2016-6173
|
2024-11-21 11:55 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266609
|
8.6 |
HIGH
Network
|
knot-dns
|
knot_dns
|
Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-6171
|
2024-11-21 11:55 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266610
|
7.3 |
HIGH
Local
|
ibm
|
tivoli_storage_manager_fastback
|
IBM Tivoli Storage Manager FastBack installer could allow a remote attacker to execute arbitrary code on the system. By placing a specially-crafted DLL in the victim's path, an attacker could exploit…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5934
|
2024-11-21 11:55 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
