|
265141
|
4.2 |
MEDIUM
Local
|
panasonic
|
fpwin_pro
|
Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (application crash) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4499
|
2024-11-21 11:52 |
2016-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265142
|
5.5 |
MEDIUM
Network
|
panasonic
|
fpwin_pro
|
Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
CWE-20
Improper Input Validation
|
CVE-2016-4498
|
2024-11-21 11:52 |
2016-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265143
|
4.2 |
MEDIUM
Local
|
panasonic
|
fpwin_pro
|
Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
|
CWE-20
Improper Input Validation
|
CVE-2016-4497
|
2024-11-21 11:52 |
2016-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265144
|
4.2 |
MEDIUM
Local
|
panasonic
|
fpwin_pro
|
Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by triggering a crafted index value, a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4496
|
2024-11-21 11:52 |
2016-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265145
|
6.1 |
MEDIUM
Network
|
ikiwiki
debian
|
ikiwiki
debian_linux
|
Cross-site scripting (XSS) vulnerability in the cgierror function in CGI.pm in ikiwiki before 3.20160506 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4561
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265146
|
7.5 |
HIGH
Network
|
squid-cache
oracle
canonical
|
squid
linux
ubuntu_linux
|
Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
|
NVD-CWE-Other
|
CVE-2016-4556
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265147
|
7.5 |
HIGH
Network
|
squid-cache
canonical
oracle
|
squid
ubuntu_linux
linux
|
client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.
|
CWE-20
Improper Input Validation
|
CVE-2016-4555
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265148
|
8.6 |
HIGH
Network
|
oracle
squid-cache
canonical
|
linux
squid
ubuntu_linux
|
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header sm…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2016-4554
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265149
|
8.6 |
HIGH
Network
|
canonical
squid-cache
oracle
|
ubuntu_linux
squid
linux
|
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks vi…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2016-4553
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265150
|
7.8 |
HIGH
Local
|
google
|
android
|
wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or caus…
|
CWE-19
Data Processing Errors
|
CVE-2016-4477
|
2024-11-21 11:52 |
2016-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
