|
266071
|
8.8 |
HIGH
Network
|
ge
|
ups_snmp_web_adapter_firmware
|
General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors.
|
CWE-77
Command Injection
|
CVE-2016-0861
|
2024-11-21 11:42 |
2016-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266072
|
7.5 |
HIGH
Network
|
carel
|
plantvisor_enhanced
|
CAREL PlantVisorEnhanced allows remote attackers to bypass intended access restrictions via a direct file request.
|
CWE-200
Information Exposure
|
CVE-2016-0867
|
2024-11-21 11:42 |
2016-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266073
|
5.3 |
MEDIUM
Network
|
prosody
|
prosody
|
The generate_dialback function in the mod_dialback module in Prosody before 0.9.10 does not properly separate fields when generating dialback keys, which allows remote attackers to spoof XMPP network…
|
CWE-20
Improper Input Validation
|
CVE-2016-0756
|
2024-11-21 11:42 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266074
|
7.3 |
HIGH
Network
|
haxx
canonical
debian
|
curl
ubuntu_linux
debian_linux
|
The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users vi…
|
CWE-287
Improper Authentication
|
CVE-2016-0755
|
2024-11-21 11:42 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266075
|
5.3 |
MEDIUM
Network
|
haxx
|
curl
|
cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.
|
CWE-20
Improper Input Validation
|
CVE-2016-0754
|
2024-11-21 11:42 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266076
|
7.5 |
HIGH
Network
|
openstack
|
swift
|
OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x before 2.5.1 (Liberty) do not properly close server connections, which allows remote attackers to cause a denial of service (pro…
|
CWE-399
Resource Management Errors
|
CVE-2016-0738
|
2024-11-21 11:42 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266077
|
7.5 |
HIGH
Network
|
openstack
|
swift
|
OpenStack Object Storage (Swift) before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series o…
|
CWE-399
Resource Management Errors
|
CVE-2016-0737
|
2024-11-21 11:42 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266078
|
9.8 |
CRITICAL
Network
|
rockwellautomation
|
1763-l16awa_series_a
1763-l16awa_series_b
1763-l16bbb_series_a
1763-l16bbb_series_b
1763-l16bwa_series_a
1763-l16bwa_series_b
1763-l16dwd_series_a
1763-l16dwd_series_b
|
Stack-based buffer overflow on Rockwell Automation Allen-Bradley MicroLogix 1100 devices A through 15.000 and B before 15.002 allows remote attackers to execute arbitrary code via a crafted web reque…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-0868
|
2024-11-21 11:42 |
2016-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266079
|
5.0 |
MEDIUM
Local
|
microsys
|
promotic
|
Heap-based buffer overflow in MICROSYS PROMOTIC before 8.3.11 allows remote authenticated users to cause a denial of service via a malformed HTML document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-0869
|
2024-11-21 11:42 |
2016-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266080
|
- |
|
oracle
|
solaris
|
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via unknown vectors related to Zones.
|
NVD-CWE-noinfo
|
CVE-2016-0618
|
2024-11-21 11:42 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
