|
265361
|
9.8 |
CRITICAL
Network
|
apple
php
|
mac_os_x
php
|
Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-3141
|
2024-11-21 11:49 |
2016-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265362
|
5.3 |
MEDIUM
Network
|
opensuse
mit
|
leap
opensuse
kerberos_5
|
The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1 mishandles the D…
|
NVD-CWE-Other
|
CVE-2016-3119
|
2024-11-21 11:49 |
2016-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265363
|
6.4 |
MEDIUM
Network
|
dropbear_ssh_project
|
dropbear_ssh
|
CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.
|
NVD-CWE-Other
|
CVE-2016-3116
|
2024-11-21 11:49 |
2016-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265364
|
6.4 |
MEDIUM
Network
|
openbsd
oracle
|
openssh
vm_server
|
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, re…
|
NVD-CWE-Other
|
CVE-2016-3115
|
2024-11-21 11:49 |
2016-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265365
|
3.4 |
LOW
Local
|
siemens
|
apogee_insight
|
Siemens APOGEE Insight uses weak permissions for the application folder, which allows local users to obtain sensitive information or modify data via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-3155
|
2024-11-21 11:49 |
2016-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265366
|
9.8 |
CRITICAL
Network
|
pcre
|
pcre
pcre2
|
The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parent…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-3191
|
2024-11-21 11:49 |
2016-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265367
|
9.8 |
CRITICAL
Network
|
ruby-lang
debian
|
ruby
debian_linux
|
An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags …
|
CWE-787
Out-of-bounds Write
|
CVE-2016-2338
|
2024-11-21 11:48 |
2022-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265368
|
9.8 |
CRITICAL
Network
|
milesight
|
ip_security_camera_firmware
|
Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-2360
|
2024-11-21 11:48 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265369
|
9.8 |
CRITICAL
Network
|
milesight
|
ip_security_camera_firmware
|
Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource.
|
CWE-287
Improper Authentication
|
CVE-2016-2359
|
2024-11-21 11:48 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265370
|
9.8 |
CRITICAL
Network
|
milesight
|
ip_security_camera_firmware
|
Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user account…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-2358
|
2024-11-21 11:48 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
