|
267931
|
5.5 |
MEDIUM
Local
|
lg
|
lg_mobile
|
An issue was discovered on LG devices using the MTK chipset with L(5.0/5.1), M(6.0/6.0.1), and N(7.0) software, and RCA Voyager Tablet, BLU Advance 5.0, and BLU R1 HD devices. The MTKLogger app with …
|
CWE-200
Information Exposure
|
CVE-2016-10135
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267932
|
5.9 |
MEDIUM
Network
|
igniterealtime
fedoraproject
|
smack
fedora
|
Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of clea…
|
CWE-362
Race Condition
|
CVE-2016-10027
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267933
|
9.8 |
CRITICAL
Network
|
codeigniter
|
codeigniter
|
system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email->from field to insert sendmail command-line arguments.
|
CWE-74
Injection
|
CVE-2016-10131
|
2024-11-21 11:43 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267934
|
9.8 |
CRITICAL
Network
|
splunk
|
splunk
|
Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10126
|
2024-11-21 11:43 |
2017-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267935
|
8.1 |
HIGH
Network
|
dlink
|
dgs-1100_firmware
|
D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-10125
|
2024-11-21 11:43 |
2017-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267936
|
8.6 |
HIGH
Network
|
linuxcontainers
|
lxc
|
An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push c…
|
CWE-284
Improper Access Control
|
CVE-2016-10124
|
2024-11-21 11:43 |
2017-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267937
|
8.1 |
HIGH
Network
|
schedmd
|
slurm
|
The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure o…
|
CWE-284
Improper Access Control
|
CVE-2016-10030
|
2024-11-21 11:43 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267938
|
7.8 |
HIGH
Local
|
openbsd
|
openssh
|
The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local use…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10012
|
2024-11-21 11:43 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267939
|
5.5 |
MEDIUM
Local
|
openbsd
|
openssh
|
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging …
|
CWE-320
Key Management Errors
|
CVE-2016-10011
|
2024-11-21 11:43 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267940
|
7.0 |
HIGH
Local
|
openbsd
|
openssh
|
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10010
|
2024-11-21 11:43 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
