|
265801
|
5.3 |
MEDIUM
Network
|
openafs
|
openafs
|
The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow…
|
CWE-200
Information Exposure
|
CVE-2016-4536
|
2024-11-21 11:52 |
2016-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265802
|
4.2 |
MEDIUM
Local
|
panasonic
|
fpwin_pro
|
Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (application crash) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4499
|
2024-11-21 11:52 |
2016-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265803
|
5.5 |
MEDIUM
Network
|
panasonic
|
fpwin_pro
|
Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
CWE-20
Improper Input Validation
|
CVE-2016-4498
|
2024-11-21 11:52 |
2016-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265804
|
4.2 |
MEDIUM
Local
|
panasonic
|
fpwin_pro
|
Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
|
CWE-20
Improper Input Validation
|
CVE-2016-4497
|
2024-11-21 11:52 |
2016-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265805
|
4.2 |
MEDIUM
Local
|
panasonic
|
fpwin_pro
|
Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by triggering a crafted index value, a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4496
|
2024-11-21 11:52 |
2016-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265806
|
6.1 |
MEDIUM
Network
|
ikiwiki
debian
|
ikiwiki
debian_linux
|
Cross-site scripting (XSS) vulnerability in the cgierror function in CGI.pm in ikiwiki before 3.20160506 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4561
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265807
|
7.5 |
HIGH
Network
|
squid-cache
oracle
canonical
|
squid
linux
ubuntu_linux
|
Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
|
NVD-CWE-Other
|
CVE-2016-4556
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265808
|
7.5 |
HIGH
Network
|
squid-cache
canonical
oracle
|
squid
ubuntu_linux
linux
|
client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.
|
CWE-20
Improper Input Validation
|
CVE-2016-4555
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265809
|
8.6 |
HIGH
Network
|
oracle
squid-cache
canonical
|
linux
squid
ubuntu_linux
|
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header sm…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2016-4554
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265810
|
8.6 |
HIGH
Network
|
canonical
squid-cache
oracle
|
ubuntu_linux
squid
linux
|
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks vi…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2016-4553
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
