|
266171
|
7.5 |
HIGH
Network
|
php
|
php
|
The object_common1 function in ext/standard/var_unserializer.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (buffer over-read…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-10161
|
2024-11-21 11:43 |
2017-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266172
|
9.8 |
CRITICAL
Network
|
php
netapp
debian
|
php
clustered_data_ontap
debian_linux
|
Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possib…
|
CWE-193
Off-by-one Error
|
CVE-2016-10160
|
2024-11-21 11:43 |
2017-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266173
|
7.5 |
HIGH
Network
|
php
debian
|
php
debian_linux
|
Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or applic…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-10159
|
2024-11-21 11:43 |
2017-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266174
|
7.5 |
HIGH
Network
|
php
|
php
|
The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via …
|
CWE-189
Numeric Errors
|
CVE-2016-10158
|
2024-11-21 11:43 |
2017-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266175
|
9.8 |
CRITICAL
Network
|
akamai
|
netsession
|
Akamai NetSession 1.9.3.1 is vulnerable to DLL Hijacking: it tries to load CSUNSAPI.dll without supplying the complete path. The issue is aggravated because the mentioned DLL is missing from the inst…
|
CWE-94
Code Injection
|
CVE-2016-10157
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266176
|
7.8 |
HIGH
Local
|
systemd_project
|
systemd
|
A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. Th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10156
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266177
|
5.9 |
MEDIUM
Network
|
hiteksoftware
|
automize
|
Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-10104
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266178
|
8.1 |
HIGH
Network
|
hiteksoftware
|
automize
|
Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for G…
|
CWE-255
CWE-326
Credentials Management
Inadequate Encryption Strength
|
CVE-2016-10103
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266179
|
8.1 |
HIGH
Network
|
hiteksoftware
|
automize
|
hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-10102
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266180
|
8.1 |
HIGH
Network
|
hiteksoftware
|
automize
|
Information Disclosure can occur in Hitek Software's Automize 10.x and 11.x passManager.jsd. Users have the Read attribute, which allows an attacker to recover the encrypted password to access the Pa…
|
CWE-255
CWE-326
Credentials Management
Inadequate Encryption Strength
|
CVE-2016-10101
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
