|
266121
|
7.8 |
HIGH
Local
|
libtiff
|
libtiff
|
Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10092
|
2024-11-21 11:43 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266122
|
7.5 |
HIGH
Network
|
opensuse
tigervnc
|
leap
tigervnc
|
The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10207
|
2024-11-21 11:43 |
2017-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266123
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-10029
|
2024-11-21 11:43 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266124
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (ou…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-10028
|
2024-11-21 11:43 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266125
|
7.5 |
HIGH
Network
|
muscle
canonical
|
pcsc-lite
ubuntu_linux
|
Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the…
|
CWE-416
Use After Free
|
CVE-2016-10109
|
2024-11-21 11:43 |
2017-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266126
|
7.5 |
HIGH
Network
|
zyxel
|
usg50_firmware
nwa3560-n_firmware
|
Zyxel USG50 Security Appliance and NWA3560-N Access Point allow remote attackers to cause a denial of service (CPU consumption) via a flood of ICMPv4 Port Unreachable packets.
|
CWE-399
Resource Management Errors
|
CVE-2016-10227
|
2024-11-21 11:43 |
2017-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266127
|
9.8 |
CRITICAL
Network
|
zabbix
|
zabbix
|
SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.
|
CWE-89
SQL Injection
|
CVE-2016-10134
|
2024-11-21 11:43 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266128
|
7.8 |
HIGH
Local
|
nagios
|
nagios
|
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10089
|
2024-11-21 11:43 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266129
|
5.4 |
MEDIUM
Network
|
bigtreecms
|
bigtree_cms
|
An issue was discovered in BigTree CMS before 4.2.15. The vulnerability exists due to insufficient filtration of user-supplied data in the "id" HTTP GET parameter passed to the "core/admin/adjax/dash…
|
CWE-284
Improper Access Control
|
CVE-2016-10223
|
2024-11-21 11:43 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266130
|
7.2 |
HIGH
Network
|
sauter-controls
|
novaweb_web_hmi
|
An issue was discovered in Sauter NovaWeb web HMI. The application uses a protection mechanism that relies on the existence or values of a cookie, but it does not properly ensure that the cookie is v…
|
CWE-254
7PK - Security Features
|
CVE-2016-10224
|
2024-11-21 11:43 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
