|
264911
|
8.1 |
HIGH
Network
|
lenovo
|
updates
|
Remote code execution in Lenovo Updates (not Lenovo System Update) allows man-in-the-middle attackers to execute arbitrary code.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-8237
|
2024-11-21 11:59 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264912
|
7.8 |
HIGH
Local
|
lenovo
|
customer_care_software_development_kit
|
Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-8235
|
2024-11-21 11:59 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264913
|
7.5 |
HIGH
Adjacent
|
huawei
|
oceanstor_5600_v3_firmware
|
Huawei OceanStor 5600 V3 V300R003C00 has a hardcoded SSH key vulnerability; the hardcoded keys are used to encrypt communication data and authenticate different nodes of the devices. An attacker may …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-8754
|
2024-11-21 11:59 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264914
|
6.5 |
MEDIUM
Network
|
huawei
|
anyoffice
|
Huawei AnyOffice V200R006C00 could allow an authenticated, remote attacker to cause the software to deny services by uploading an XML bomb.
|
CWE-20
Improper Input Validation
|
CVE-2016-8275
|
2024-11-21 11:59 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264915
|
7.8 |
HIGH
Local
|
huawei
|
hisuite
|
Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link library (DLL) hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code.
|
CWE-284
Improper Access Control
|
CVE-2016-8274
|
2024-11-21 11:59 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264916
|
7.8 |
HIGH
Local
|
huawei
|
hisuite
|
Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for upgrade software package download and does not check the integrity of the software package before installing; an attacker can la…
|
CWE-20
CWE-284
Improper Input Validation
Improper Access Control
|
CVE-2016-8273
|
2024-11-21 11:59 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264917
|
5.3 |
MEDIUM
Local
|
huawei
|
hisuite
|
Huawei PC client software HiSuite 4.0.5.300_OVE has an information leak vulnerability; an attacker who can log in to the system can copy out the user's proxy password, causing information leaks.
|
CWE-200
Information Exposure
|
CVE-2016-8272
|
2024-11-21 11:59 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264918
|
5.3 |
MEDIUM
Network
|
huawei
|
espace_iad_firmware
|
Huawei eSpace IAD V300R002C01SPC100 and earlier versions have an information leak vulnerability; an attacker can check and download the fault information by accessing a special URL.
|
CWE-200
Information Exposure
|
CVE-2016-8271
|
2024-11-21 11:59 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264919
|
9.8 |
CRITICAL
Network
|
apache
|
camel
|
Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-8749
|
2024-11-21 11:59 |
2017-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264920
|
7.5 |
HIGH
Network
|
apache
|
tomcat
|
An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations. Http11InputBuffer.java allows remote attackers to read data …
|
CWE-200
Information Exposure
|
CVE-2016-8747
|
2024-11-21 11:59 |
2017-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
