|
264811
|
7.8 |
HIGH
Local
|
siemens
|
sinema_server
|
Siemens SINEMA Server uses weak permissions for the application folder, which allows local users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6486
|
2024-11-21 11:56 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264812
|
7.5 |
HIGH
Network
|
openbsd
fedoraproject
|
openssh
fedora
|
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (cryp…
|
CWE-20
Improper Input Validation
|
CVE-2016-6515
|
2024-11-21 11:56 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264813
|
8.8 |
HIGH
Network
|
wordpress
|
wordpress
|
Cross-site request forgery (CSRF) vulnerability in the wp_ajax_wp_compression_test function in wp-admin/includes/ajax-actions.php in WordPress before 4.5 allows remote attackers to hijack the authent…
|
CWE-352
Origin Validation Error
|
CVE-2016-6635
|
2024-11-21 11:56 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264814
|
6.1 |
MEDIUM
Network
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in the network settings page in WordPress before 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-6634
|
2024-11-21 11:56 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264815
|
5.9 |
MEDIUM
Network
|
wireshark
|
wireshark
|
epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service (application cras…
|
CWE-399
Resource Management Errors
|
CVE-2016-6513
|
2024-11-21 11:56 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264816
|
5.9 |
MEDIUM
Network
|
wireshark
|
wireshark
|
epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an overflow check in the tvb_get_guintvar function, which allows remote attackers to cause a denial of service (infinite loop) via a c…
|
CWE-20
Improper Input Validation
|
CVE-2016-6512
|
2024-11-21 11:56 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264817
|
5.9 |
MEDIUM
Network
|
wireshark
|
wireshark
|
epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (OpenFlow dissector large loop) via a crafted packet.
|
CWE-399
Resource Management Errors
|
CVE-2016-6511
|
2024-11-21 11:56 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264818
|
5.9 |
MEDIUM
Network
|
wireshark
|
wireshark
|
Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (stack-based buffer …
|
CWE-189
Numeric Errors
|
CVE-2016-6510
|
2024-11-21 11:56 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264819
|
5.9 |
MEDIUM
Network
|
wireshark
|
wireshark
|
epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 mishandles conversations, which allows remote attackers to cause a denial of service (appli…
|
CWE-20
Improper Input Validation
|
CVE-2016-6509
|
2024-11-21 11:56 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264820
|
5.9 |
MEDIUM
Network
|
wireshark
|
wireshark
|
epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of servi…
|
CWE-399
Resource Management Errors
|
CVE-2016-6508
|
2024-11-21 11:56 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
