|
267861
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-10029
|
2024-11-21 11:43 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267862
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (ou…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-10028
|
2024-11-21 11:43 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267863
|
7.5 |
HIGH
Network
|
muscle
canonical
|
pcsc-lite
ubuntu_linux
|
Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the…
|
CWE-416
Use After Free
|
CVE-2016-10109
|
2024-11-21 11:43 |
2017-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267864
|
7.5 |
HIGH
Network
|
zyxel
|
usg50_firmware
nwa3560-n_firmware
|
Zyxel USG50 Security Appliance and NWA3560-N Access Point allow remote attackers to cause a denial of service (CPU consumption) via a flood of ICMPv4 Port Unreachable packets.
|
CWE-399
Resource Management Errors
|
CVE-2016-10227
|
2024-11-21 11:43 |
2017-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267865
|
9.8 |
CRITICAL
Network
|
zabbix
|
zabbix
|
SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.
|
CWE-89
SQL Injection
|
CVE-2016-10134
|
2024-11-21 11:43 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267866
|
7.8 |
HIGH
Local
|
nagios
|
nagios
|
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10089
|
2024-11-21 11:43 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267867
|
5.4 |
MEDIUM
Network
|
bigtreecms
|
bigtree_cms
|
An issue was discovered in BigTree CMS before 4.2.15. The vulnerability exists due to insufficient filtration of user-supplied data in the "id" HTTP GET parameter passed to the "core/admin/adjax/dash…
|
CWE-284
Improper Access Control
|
CVE-2016-10223
|
2024-11-21 11:43 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267868
|
7.2 |
HIGH
Network
|
sauter-controls
|
novaweb_web_hmi
|
An issue was discovered in Sauter NovaWeb web HMI. The application uses a protection mechanism that relies on the existence or values of a cookie, but it does not properly ensure that the cookie is v…
|
CWE-254
7PK - Security Features
|
CVE-2016-10224
|
2024-11-21 11:43 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267869
|
7.5 |
HIGH
Network
|
ikiwiki
|
ikiwiki
|
ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI interface enabled, which allows remote a…
|
CWE-284
Improper Access Control
|
CVE-2016-10026
|
2024-11-21 11:43 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267870
|
6.1 |
MEDIUM
Network
|
sivann
|
it_items_database
|
An issue was discovered in IT ITems DataBase (ITDB) through 1.23. The vulnerability exists due to insufficient filtration of user-supplied data in the "value" HTTP POST parameter passed to the "itdb-…
|
CWE-79
Cross-site Scripting
|
CVE-2016-10216
|
2024-11-21 11:43 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
