|
266491
|
7.5 |
HIGH
Network
|
php
|
php
|
The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via …
|
CWE-189
Numeric Errors
|
CVE-2016-10158
|
2024-11-21 11:43 |
2017-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266492
|
9.8 |
CRITICAL
Network
|
akamai
|
netsession
|
Akamai NetSession 1.9.3.1 is vulnerable to DLL Hijacking: it tries to load CSUNSAPI.dll without supplying the complete path. The issue is aggravated because the mentioned DLL is missing from the inst…
|
CWE-94
Code Injection
|
CVE-2016-10157
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266493
|
7.8 |
HIGH
Local
|
systemd_project
|
systemd
|
A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. Th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10156
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266494
|
5.9 |
MEDIUM
Network
|
hiteksoftware
|
automize
|
Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-10104
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266495
|
8.1 |
HIGH
Network
|
hiteksoftware
|
automize
|
Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for G…
|
CWE-255
CWE-326
Credentials Management
Inadequate Encryption Strength
|
CVE-2016-10103
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266496
|
8.1 |
HIGH
Network
|
hiteksoftware
|
automize
|
hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-10102
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266497
|
8.1 |
HIGH
Network
|
hiteksoftware
|
automize
|
Information Disclosure can occur in Hitek Software's Automize 10.x and 11.x passManager.jsd. Users have the Read attribute, which allows an attacker to recover the encrypted password to access the Pa…
|
CWE-255
CWE-326
Credentials Management
Inadequate Encryption Strength
|
CVE-2016-10101
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266498
|
7.5 |
HIGH
Network
|
tiki
|
tikiwiki_cms\/groupware
|
A vulnerability in Tiki Wiki CMS 15.2 could allow a remote attacker to read arbitrary files on a targeted system via a crafted pathname in a banner URL field.
|
CWE-200
Information Exposure
|
CVE-2016-10143
|
2024-11-21 11:43 |
2017-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266499
|
7.8 |
HIGH
Local
|
tqdm_project
|
tqdm
|
The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local users to execute arbitrary code via a crafted repo with a malicious git log in the current working directory.
|
CWE-17
Code
|
CVE-2016-10075
|
2024-11-21 11:43 |
2017-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266500
|
8.1 |
HIGH
Network
|
ca
|
service_desk_management
service_desk_manager
|
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10086
|
2024-11-21 11:43 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
