|
267841
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
|
AppleGraphicsPowerManagement in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1716
|
2024-11-21 11:46 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267842
|
6.1 |
MEDIUM
Network
|
siemens
|
ozw672_firmware
ozw772_firmware
|
Cross-site scripting (XSS) vulnerability in the login form in the integrated web server on Siemens OZW OZW672 devices before 6.00 and OZW772 devices before 6.00 allows remote attackers to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1488
|
2024-11-21 11:46 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267843
|
6.1 |
MEDIUM
Network
|
cisco
|
unity_connection
|
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 10.5(2.3009) allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux82596.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1304
|
2024-11-21 11:46 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267844
|
7.5 |
HIGH
Network
|
cisco
|
500_series_switch_firmware
|
The web GUI on Cisco Small Business 500 devices 1.2.0.92 allows remote attackers to cause a denial of service via a crafted HTTP request, aka Bug ID CSCul65330.
|
CWE-20
Improper Input Validation
|
CVE-2016-1303
|
2024-11-21 11:46 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267845
|
7.5 |
HIGH
Network
|
intel
|
driver_update_utility
|
Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file.
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2016-1493
|
2024-11-21 11:46 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267846
|
6.1 |
MEDIUM
Network
|
cisco
|
unity_connection
|
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection (UC) 10.5(2.3009) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux82582.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1300
|
2024-11-21 11:46 |
2016-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267847
|
5.3 |
MEDIUM
Network
|
cisco
|
300_series_managed_switch_firmware
|
The web-management GUI implementation on Cisco Small Business SG300 devices 1.4.1.x allows remote attackers to cause a denial of service (HTTPS outage) via crafted HTTPS requests, aka Bug ID CSCuw871…
|
CWE-399
Resource Management Errors
|
CVE-2016-1299
|
2024-11-21 11:46 |
2016-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267848
|
8.1 |
HIGH
Network
|
tuxfamily
|
chrony
|
chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arb…
|
CWE-254
7PK - Security Features
|
CVE-2016-1567
|
2024-11-21 11:46 |
2016-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267849
|
6.1 |
MEDIUM
Adjacent
|
lenovo
|
shareit
|
The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveragi…
|
CWE-284
Improper Access Control
|
CVE-2016-1492
|
2024-11-21 11:46 |
2016-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267850
|
8.8 |
HIGH
Adjacent
|
lenovo
|
shareit
|
The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by lev…
|
CWE-255
Credentials Management
|
CVE-2016-1491
|
2024-11-21 11:46 |
2016-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
