|
265381
|
3.3 |
LOW
Local
|
samsung
|
galaxy_s6_firmware
|
Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081.
|
CWE-200
Information Exposure
|
CVE-2016-2565
|
2024-11-21 11:48 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265382
|
9.8 |
CRITICAL
Network
|
atutor
|
atutor
|
SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.
|
CWE-89
SQL Injection
|
CVE-2016-2555
|
2024-11-21 11:48 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265383
|
6.1 |
MEDIUM
Network
|
mozilla
|
bugzilla
|
Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML.
|
CWE-79
Cross-site Scripting
|
CVE-2016-2803
|
2024-11-21 11:48 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265384
|
7.5 |
HIGH
Network
|
huawei
|
s5700_firmware
s6700_firmware
s7700_firmware
s9700_firmware
s12700_firmware
acu2_firmware
|
Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2404
|
2024-11-21 11:48 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265385
|
8.8 |
HIGH
Adjacent
|
pidgin
|
mxit
|
The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain log…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-2379
|
2024-11-21 11:48 |
2017-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265386
|
7.5 |
HIGH
Network
|
uclibc-ng_project
|
uclibc-ng
|
The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via a crafted packet.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-2225
|
2024-11-21 11:48 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265387
|
7.5 |
HIGH
Network
|
uclibc-ng_project
|
uclibc-ng
|
The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via vectors involving compressed items in a reply.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-2224
|
2024-11-21 11:48 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265388
|
4.3 |
MEDIUM
Network
|
huawei
|
document_security_management
|
The permission control module in Huawei Document Security Management (aka DSM) before V100R002C05SPC670 allows remote authenticated users to obtain sensitive information from encrypted documents by l…
|
CWE-275
Permission Issues
|
CVE-2016-2406
|
2024-11-21 11:48 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265389
|
7.8 |
HIGH
Local
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar 7.2 stores the encryption key used to encrypt the service account password which can be obtained by a local user. IBM Reference #: 1997340.
|
CWE-320
Key Management Errors
|
CVE-2016-2880
|
2024-11-21 11:48 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265390
|
7.8 |
HIGH
Local
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a local user to obtain and decrypt user credentials. IBM Reference #: 1997341.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-2879
|
2024-11-21 11:48 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
