|
266771
|
6.5 |
MEDIUM
Network
|
ecava
|
integraxor
|
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors.
|
CWE-287
Improper Authentication
|
CVE-2016-2300
|
2024-11-21 11:48 |
2016-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266772
|
7.3 |
HIGH
Network
|
ecava
|
integraxor
|
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2016-2299
|
2024-11-21 11:48 |
2016-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266773
|
7.5 |
HIGH
Network
|
accuenergy
|
acuvim_ii_net_firmware
acuvim_iir_net_firmware
|
The AXM-NET module in Accuenergy Acuvim II NET Firmware 3.08 and Acuvim IIR NET Firmware 3.08 allows remote attackers to discover a cleartext mail-server password via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-2294
|
2024-11-21 11:48 |
2016-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266774
|
8.6 |
HIGH
Network
|
accuenergy
|
acuvim_iir_net_firmware
acuvim_ii_net_firmware
|
The AXM-NET module in Accuenergy Acuvim II NET Firmware 3.08 and Acuvim IIR NET Firmware 3.08 allows remote attackers to discover settings via a direct request to an unspecified URL.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2293
|
2024-11-21 11:48 |
2016-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266775
|
7.5 |
HIGH
Network
|
honeywell
|
uniformance_process_history_database
|
Buffer overflow in RDISERVER in Honeywell Uniformance Process History Database (PHD) R310, R320, and R321 allows remote attackers to cause a denial of service (service outage) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2280
|
2024-11-21 11:48 |
2016-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266776
|
5.5 |
MEDIUM
Local
|
symantec
|
altiris_it_management_suite
|
The Inventory Solution component in the Management Agent in the client in Symantec Altiris IT Management Suite (ITMS) through 7.6 HF7 allows local users to bypass intended application-blacklist restr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2202
|
2024-11-21 11:48 |
2016-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266777
|
5.9 |
MEDIUM
Network
|
squid-cache
|
squid
|
The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows…
|
CWE-20
Improper Input Validation
|
CVE-2016-2390
|
2024-11-21 11:48 |
2016-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266778
|
5.5 |
MEDIUM
Local
|
google
|
android
|
server/content/ContentService.java in the Framework component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for a GET_ACCOUNTS permissi…
|
CWE-200
Information Exposure
|
CVE-2016-2426
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266779
|
5.5 |
MEDIUM
Local
|
google
|
android
|
mail/compose/ComposeActivity.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 supports file:///data attachments, which allows attackers…
|
CWE-200
Information Exposure
|
CVE-2016-2425
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266780
|
5.5 |
MEDIUM
Local
|
google
|
android
|
server/content/SyncStorageEngine.java in SyncStorageEngine in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mismanages certain authority data, which allo…
|
CWE-20
Improper Input Validation
|
CVE-2016-2424
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
