|
270001
|
7.5 |
HIGH
Network
|
freebsd
|
freebsd
|
The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote attackers to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation fa…
|
CWE-287
Improper Authentication
|
CVE-2016-1888
|
2024-11-21 11:47 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270002
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
The issetugid system call in the Linux compatibility layer in FreeBSD 9.3, 10.1, and 10.2 allows local users to gain privilege via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1883
|
2024-11-21 11:47 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270003
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause a denial of service (crash) or potentially gain privilege via a crafted Linux compatibility layer setgroups system call.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1881
|
2024-11-21 11:47 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270004
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "han…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1880
|
2024-11-21 11:47 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270005
|
9.8 |
CRITICAL
Network
|
busybox
debian
canonical
|
busybox
debian_linux
ubuntu_linux
|
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2148
|
2024-11-21 11:47 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270006
|
7.5 |
HIGH
Network
|
busybox
debian
canonical
|
busybox
debian_linux
ubuntu_linux
|
Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-o…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-2147
|
2024-11-21 11:47 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270007
|
8.1 |
HIGH
Network
|
netapp
|
oncommand_workflow_automation
|
NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors.
|
CWE-284
Improper Access Control
|
CVE-2016-1894
|
2024-11-21 11:47 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270008
|
6.5 |
MEDIUM
Network
|
libdwarf_project
|
libdwarf
|
The get_abbrev_array_info function in libdwarf-20151114 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted elf file.
|
CWE-787
Out-of-bounds Write
|
CVE-2016-2050
|
2024-11-21 11:47 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270009
|
5.5 |
MEDIUM
Local
|
samsung
|
knox
|
Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service.
|
CWE-284
Improper Access Control
|
CVE-2016-1920
|
2024-11-21 11:47 |
2017-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270010
|
4.7 |
MEDIUM
Local
|
samsung
|
knox
|
Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack.
|
CWE-310
CWE-200
Cryptographic Issues
Information Exposure
|
CVE-2016-1919
|
2024-11-21 11:47 |
2017-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
