|
273611
|
7.5 |
HIGH
Network
|
gnu
|
glibc
|
Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (me…
|
CWE-399
Resource Management Errors
|
CVE-2016-5417
|
2024-11-21 11:54 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273612
|
8.8 |
HIGH
Network
|
simplemachines
|
simple_machines_forum
|
LogInOut.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via vectors related to variables derived from user input…
|
CWE-94
Code Injection
|
CVE-2016-5727
|
2024-11-21 11:54 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273613
|
9.8 |
CRITICAL
Network
|
simplemachines
|
simple_machines_forum
|
Packages.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the themechanges array parameter.
|
CWE-94
Code Injection
|
CVE-2016-5726
|
2024-11-21 11:54 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273614
|
9.8 |
CRITICAL
Network
|
netapp
|
virtual_storage_console_for_vmware_vsphere
|
NetApp Virtual Storage Console for VMware vSphere before 6.2.1 uses a non-unique certificate, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5711
|
2024-11-21 11:54 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273615
|
6.3 |
MEDIUM
Network
|
netapp
|
snap_creator_framework
|
Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact…
|
CWE-352
Origin Validation Error
|
CVE-2016-5372
|
2024-11-21 11:54 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273616
|
5.5 |
MEDIUM
Local
|
pacman_project
|
pacman
|
libalpm, as used in pacman 5.0.1, allows remote attackers to cause a denial of service (infinite loop or out-of-bounds read) via a crafted signature file.
|
CWE-399 CWE-125
Resource Management Errors Out-of-bounds Read
|
CVE-2016-5434
|
2024-11-21 11:54 |
2017-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273617
|
9.8 |
CRITICAL
Network
|
sixapart
|
movable_type movable_type_open_source
|
SQL injection vulnerability in the XML-RPC interface in Movable Type Pro and Advanced 6.x before 6.1.3 and 6.2.x before 6.2.6 and Movable Type Open Source 5.2.13 and earlier allows remote attackers t…
|
CWE-89
SQL Injection
|
CVE-2016-5742
|
2024-11-21 11:54 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273618
|
7.8 |
HIGH
Local
|
microsoft
|
skype
|
Multiple untrusted search path vulnerabilities in Microsoft Skype allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) msi.dll, (2) dpapi.dll, or (3) c…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5720
|
2024-11-21 11:54 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273619
|
7.5 |
HIGH
Network
|
onelogin
|
ruby-saml
|
Ruby-saml before 1.3.0 allows attackers to perform XML signature wrapping attacks via unspecified vectors.
|
CWE-91
Blind XPath Injection
|
CVE-2016-5697
|
2024-11-21 11:54 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273620
|
7.5 |
HIGH
Network
|
libtiff opensuse
|
libtiff opensuse
|
The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image.
|
CWE-369
Divide By Zero
|
CVE-2016-5323
|
2024-11-21 11:54 |
2017-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|