|
267371
|
5.3 |
MEDIUM
Network
|
ntp
|
ntp
|
An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted …
|
CWE-200
Information Exposure
|
CVE-2016-1550
|
2024-11-21 11:46 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267372
|
6.5 |
MEDIUM
Network
|
ntp
|
ntp
|
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a…
|
CWE-19
Data Processing Errors
|
CVE-2016-1549
|
2024-11-21 11:46 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267373
|
7.2 |
HIGH
Network
|
ntp
|
ntp
|
An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p…
|
CWE-19
Data Processing Errors
|
CVE-2016-1548
|
2024-11-21 11:46 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267374
|
5.3 |
MEDIUM
Network
|
ntp
|
ntp
|
An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a vi…
|
CWE-20
Improper Input Validation
|
CVE-2016-1547
|
2024-11-21 11:46 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267375
|
5.9 |
MEDIUM
Network
|
cisco
|
content_security_management_appliance
email_security_appliance
web_security_appliance
|
A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SM…
|
CWE-310
Cryptographic Issues
|
CVE-2016-1411
|
2024-11-21 11:46 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267376
|
8.1 |
HIGH
Network
|
dbd-mysql_project
|
dbd-mysql
|
There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare…
|
CWE-416
Use After Free
|
CVE-2016-1251
|
2024-11-21 11:46 |
2016-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267377
|
7.8 |
HIGH
Local
|
f5
fedoraproject
|
nginx
fedora
|
The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu…
|
CWE-59
Link Following
|
CVE-2016-1247
|
2024-11-21 11:46 |
2016-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267378
|
7.8 |
HIGH
Local
|
vim
debian
|
vim
debian_linux
|
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted m…
|
CWE-20
Improper Input Validation
|
CVE-2016-1248
|
2024-11-21 11:46 |
2016-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267379
|
6.1 |
MEDIUM
Network
|
cisco
|
email_security_appliance
|
A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to …
|
CWE-79
Cross-site Scripting
|
CVE-2016-1423
|
2024-11-21 11:46 |
2016-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267380
|
7.5 |
HIGH
Network
|
cisco
|
email_security_appliance
|
A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenti…
|
CWE-19
Data Processing Errors
|
CVE-2016-1486
|
2024-11-21 11:46 |
2016-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
