|
267081
|
9.8 |
CRITICAL
Network
|
nuuo
|
nvrmini_2
nvrsolo
|
NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-5678
|
2024-11-21 11:54 |
2016-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267082
|
7.5 |
HIGH
Network
|
netgear
nuuo
|
readynas_surveillance
nvrmini_2
nvrsolo
|
NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows…
|
CWE-200
Information Exposure
|
CVE-2016-5677
|
2024-11-21 11:54 |
2016-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267083
|
7.5 |
HIGH
Network
|
netgear
nuuo
|
readynas_surveillance
nvrsolo
nvrmini_2
|
cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator passwo…
|
CWE-285
Improper Authorization
|
CVE-2016-5676
|
2024-11-21 11:54 |
2016-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267084
|
9.8 |
CRITICAL
Network
|
netgear
nuuo
|
readynas_surveillance
crystal
nvrsolo
nvrmini_2
|
handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remot…
|
CWE-20
Improper Input Validation
|
CVE-2016-5675
|
2024-11-21 11:54 |
2016-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267085
|
9.8 |
CRITICAL
Network
|
netgear
nuuo
|
readynas_surveillance
nvrmini_2
nvrsolo
|
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbit…
|
CWE-20
Improper Input Validation
|
CVE-2016-5674
|
2024-11-21 11:54 |
2016-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267086
|
9.8 |
CRITICAL
Network
|
vmware
|
vrealize_automation
|
VMware vRealize Automation 7.0.x before 7.1 allows remote attackers to execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5336
|
2024-11-21 11:54 |
2016-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267087
|
7.8 |
HIGH
Local
|
vmware
|
identity_manager
vrealize_automation
|
VMware Identity Manager 2.x before 2.7 and vRealize Automation 7.0.x before 7.1 allow local users to obtain root access via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5335
|
2024-11-21 11:54 |
2016-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267088
|
9.8 |
CRITICAL
Network
|
vmware
|
photon_os
|
VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys file, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-5333
|
2024-11-21 11:54 |
2016-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267089
|
5.3 |
MEDIUM
Network
|
vmware
|
vrealize_log_insight
|
Directory traversal vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.6.0 allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2016-5332
|
2024-11-21 11:54 |
2016-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267090
|
9.8 |
CRITICAL
Network
|
google
linux
|
android
linux_kernel
|
Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-5344
|
2024-11-21 11:54 |
2016-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
