|
266161
|
9.8 |
CRITICAL
Network
|
facebook
|
hhvm
|
Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, which triggers a buffer overflow.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-6871
|
2024-11-21 11:56 |
2017-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266162
|
9.8 |
CRITICAL
Network
|
facebook
|
hhvm
|
Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
|
CWE-787
Out-of-bounds Write
|
CVE-2016-6870
|
2024-11-21 11:56 |
2017-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266163
|
7.5 |
HIGH
Network
|
suckless
fedoraproject
|
slock
fedora
|
slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash.
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-6866
|
2024-11-21 11:56 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266164
|
5.5 |
MEDIUM
Local
|
libav
|
libav
|
Heap-based buffer overflow in the ff_audio_resample function in resample.c in libav before 11.4 allows remote attackers to cause a denial of service (crash) via vectors related to buffer resizing.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6832
|
2024-11-21 11:56 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266165
|
9.8 |
CRITICAL
Network
|
netapp
|
oncommand_unified_manager_for_clustered_data_ontap
|
NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through 6.4P1 contain a default privileged account, which allows remote attackers to execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-6667
|
2024-11-21 11:56 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266166
|
5.9 |
MEDIUM
Network
|
netapp
|
data_ontap
|
NetApp Data ONTAP before 8.2.4P5, when operating in 7-Mode, allows remote attackers to obtain information about the volumes configured for HTTP access.
|
CWE-200
Information Exposure
|
CVE-2016-6495
|
2024-11-21 11:56 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266167
|
8.1 |
HIGH
Network
|
forgerock
|
racf_connector
|
Unspecified methods in the RACF Connector component before 1.1.1.0 in ForgeRock OpenIDM and OpenICF improperly call the SearchControls constructor with returnObjFlag set to true, which allows remote …
|
CWE-20
Improper Input Validation
|
CVE-2016-6500
|
2024-11-21 11:56 |
2017-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266168
|
6.7 |
MEDIUM
Local
|
emc
|
recoverpoint_for_virtual_machines
recoverpoint
|
EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by multiple command injection vulnerabilities where a malicious administrator with …
|
CWE-77
Command Injection
|
CVE-2016-6649
|
2024-11-21 11:56 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266169
|
4.4 |
MEDIUM
Local
|
emc
|
recoverpoint_for_virtual_machines
recoverpoint
|
EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by sensitive information disclosure vulnerability as a result of incorrect permissi…
|
CWE-275
Permission Issues
|
CVE-2016-6648
|
2024-11-21 11:56 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266170
|
8.6 |
HIGH
Network
|
phpmyadmin
|
phpmyadmin
|
The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2016-6621
|
2024-11-21 11:56 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
