|
267151
|
5.9 |
MEDIUM
Network
|
hiteksoftware
|
automize
|
Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-10104
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267152
|
8.1 |
HIGH
Network
|
hiteksoftware
|
automize
|
Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for G…
|
CWE-255
CWE-326
Credentials Management
Inadequate Encryption Strength
|
CVE-2016-10103
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267153
|
8.1 |
HIGH
Network
|
hiteksoftware
|
automize
|
hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-10102
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267154
|
8.1 |
HIGH
Network
|
hiteksoftware
|
automize
|
Information Disclosure can occur in Hitek Software's Automize 10.x and 11.x passManager.jsd. Users have the Read attribute, which allows an attacker to recover the encrypted password to access the Pa…
|
CWE-255
CWE-326
Credentials Management
Inadequate Encryption Strength
|
CVE-2016-10101
|
2024-11-21 11:43 |
2017-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267155
|
7.5 |
HIGH
Network
|
tiki
|
tikiwiki_cms\/groupware
|
A vulnerability in Tiki Wiki CMS 15.2 could allow a remote attacker to read arbitrary files on a targeted system via a crafted pathname in a banner URL field.
|
CWE-200
Information Exposure
|
CVE-2016-10143
|
2024-11-21 11:43 |
2017-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267156
|
7.8 |
HIGH
Local
|
tqdm_project
|
tqdm
|
The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local users to execute arbitrary code via a crafted repo with a malicious git log in the current working directory.
|
CWE-17
Code
|
CVE-2016-10075
|
2024-11-21 11:43 |
2017-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267157
|
8.1 |
HIGH
Network
|
ca
|
service_desk_management
service_desk_manager
|
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10086
|
2024-11-21 11:43 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267158
|
4.3 |
MEDIUM
Network
|
wordpress
|
wordpress
|
The wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 makes a get_plugin_data call before checking the update_plugins capability, which allows remote authen…
|
CWE-254
CWE-284
7PK - Security Features
Improper Access Control
|
CVE-2016-10148
|
2024-11-21 11:43 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267159
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-10147
|
2024-11-21 11:43 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267160
|
8.6 |
HIGH
Network
|
ietf
|
ipv6
|
An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big (PTB) messages. (The scope of this CVE is all affected IPv6 implementations from all vendors.) The security …
|
CWE-17
Code
|
CVE-2016-10142
|
2024-11-21 11:43 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
