|
266021
|
9.8 |
CRITICAL
Network
|
tcpdump
|
tcpdump
|
The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-7922
|
2024-11-21 11:58 |
2017-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266022
|
5.5 |
MEDIUM
Local
|
docker2aci_project
|
docker2aci
|
Directory traversal vulnerability in docker2aci before 0.13.0 allows remote attackers to write to arbitrary files via a .. (dot dot) in the embedded layer data in an image.
|
CWE-22
Path Traversal
|
CVE-2016-7569
|
2024-11-21 11:58 |
2017-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266023
|
8.8 |
HIGH
Adjacent
|
ubiquiti_networks
|
unifi_ap_ac_lite_firmware
|
Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the database by directly connecting to it.
|
CWE-284
Improper Access Control
|
CVE-2016-7792
|
2024-11-21 11:58 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266024
|
9.8 |
CRITICAL
Network
|
openslp
|
openslp
|
Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-7567
|
2024-11-21 11:58 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266025
|
9.8 |
CRITICAL
Network
|
sociomantic
|
git-hub
|
sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository name.
|
CWE-284
Improper Access Control
|
CVE-2016-7794
|
2024-11-21 11:58 |
2017-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266026
|
8.8 |
HIGH
Network
|
sociomantic
|
git-hub
|
sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository URL.
|
CWE-284
Improper Access Control
|
CVE-2016-7793
|
2024-11-21 11:58 |
2017-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266027
|
8.8 |
HIGH
Local
|
selinux_project
fedoraproject
redhat
|
selinux
fedora
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
enterprise_linux_server_tus
|
SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
|
CWE-284
Improper Access Control
|
CVE-2016-7545
|
2024-11-21 11:58 |
2017-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266028
|
8.4 |
HIGH
Local
|
gnu
fedoraproject
|
bash
fedora
|
Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.
|
CWE-20
Improper Input Validation
|
CVE-2016-7543
|
2024-11-21 11:58 |
2017-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266029
|
6.1 |
MEDIUM
Network
|
emc
|
documentum_webtop
documentum_administrator
documentum_taskspace
documentum_capital_projects
|
EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, prior to P06; and EMC Documentum TaskSpace version 6.7SP3, prior to P02; and EMC Documentum Capital Projects Version 1.9, prior to P…
|
CWE-79
Cross-site Scripting
|
CVE-2016-8213
|
2024-11-21 11:58 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266030
|
7.4 |
HIGH
Network
|
spip
|
spip
|
ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to conduct server side request forgery (SSRF) attacks via a URL in the var_url parameter in a valider_xml action.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2016-7999
|
2024-11-21 11:58 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
