|
266911
|
9.8 |
CRITICAL
Network
|
oracle
imagemagick
|
solaris
imagemagick
|
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing th…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-5690
|
2024-11-21 11:54 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266912
|
9.8 |
CRITICAL
Network
|
oracle
imagemagick
|
solaris
imagemagick
|
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-5689
|
2024-11-21 11:54 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266913
|
8.1 |
HIGH
Network
|
oracle
imagemagick
|
solaris
imagemagick
|
The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-va…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5688
|
2024-11-21 11:54 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266914
|
9.8 |
CRITICAL
Network
|
imagemagick
oracle
|
imagemagick
solaris
|
The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-b…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-5687
|
2024-11-21 11:54 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266915
|
7.1 |
HIGH
Network
|
debian
postgresql
|
debian_linux
postgresql
|
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain supe…
|
CWE-94
Code Injection
|
CVE-2016-5424
|
2024-11-21 11:54 |
2016-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266916
|
8.3 |
HIGH
Network
|
debian
postgresql
|
debian_linux
postgresql
|
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference …
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-5423
|
2024-11-21 11:54 |
2016-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266917
|
5.9 |
MEDIUM
Network
|
google
|
android
|
The GPS component in Android before 2016-12-05 allows man-in-the-middle attackers to cause a denial of service (GPS signal-acquisition delay) via an incorrect xtra.bin or xtra2.bin file on a spoofed …
|
CWE-284
Improper Access Control
|
CVE-2016-5341
|
2024-11-21 11:54 |
2016-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266918
|
8.8 |
HIGH
Network
|
dell
|
idrac7_firmware
idrac8_firmware
|
Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection.
|
CWE-74
Injection
|
CVE-2016-5685
|
2024-11-21 11:54 |
2016-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266919
|
8.8 |
HIGH
Network
|
apache
|
hadoop
|
In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service.
|
CWE-284
Improper Access Control
|
CVE-2016-5393
|
2024-11-21 11:54 |
2016-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266920
|
6.5 |
MEDIUM
Network
|
microfocus
|
host_access_management_and_security_server
reflection_zfe
reflection_for_the_web
reflection_security_gateway
|
Administrative Server in Micro Focus Host Access Management and Security Server (MSS) and Reflection for the Web (RWeb) and Reflection Security Gateway (RSG) and Reflection ZFE (ZFE) allows remote un…
|
CWE-22
CWE-200
Path Traversal
Information Exposure
|
CVE-2016-5765
|
2024-11-21 11:54 |
2016-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
