|
265031
|
7.8 |
HIGH
Local
|
haxx
|
curl
|
Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking atta…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-4802
|
2024-11-21 11:53 |
2016-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265032
|
5.6 |
MEDIUM
Network
|
ntt-bp
|
japan_connected-free_wi-fi
|
The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.15.1 and earlier for Android and 1.13.0 and earlier for iOS allows man-in-the-middle attackers to obtain API access via unspecified…
|
CWE-284
Improper Access Control
|
CVE-2016-4811
|
2024-11-21 11:53 |
2016-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265033
|
5.3 |
MEDIUM
Network
|
iodata
|
etx-r_firmware
|
I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-4821
|
2024-11-21 11:53 |
2016-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265034
|
8.8 |
HIGH
Network
|
iodata
|
etx-r_firmware
|
Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE ETX-R devices allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2016-4820
|
2024-11-21 11:53 |
2016-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265035
|
9.8 |
CRITICAL
Network
|
dx_library_project
|
dx_library
|
The printfDx function in Takumi Yamada DX Library for Borland C++ 3.13f through 3.16b, DX Library for Gnu C++ 3.13f through 3.16b, and DX Library for Visual C++ 3.13f through 3.16b allows remote atta…
|
NVD-CWE-Other
|
CVE-2016-4819
|
2024-11-21 11:53 |
2016-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265036
|
7.5 |
HIGH
Network
|
dena
|
h2o
|
lib/http2/connection.c in H2O before 1.7.3 and 2.x before 2.0.0-beta5 mishandles HTTP/2 disconnection, which allows remote attackers to cause a denial of service (use-after-free and application crash…
|
NVD-CWE-Other
|
CVE-2016-4817
|
2024-11-21 11:53 |
2016-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265037
|
6.5 |
MEDIUM
Network
|
buffalo
|
wzr-600dhp3_firmware
hw-450hp-zwe_firmware
wzr-hp-g450h_firmware
wzr-450hp_firmware
wzr-900dhp2_firmware
wcr-300_firmware
wzr-450hp-cwt_firmware
wzr-hp-g301nh_firmware
wxr-175…
|
BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-4816
|
2024-11-21 11:53 |
2016-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265038
|
7.5 |
HIGH
Network
|
buffalo
|
wzr-900dhp2_firmware
wzr-600dhp3_firmware
wzr-s900dhp_firmware
wzr-s600dhp_firmware
wzr-900dhp_firmware
wzr-600dhp2_firmware
|
Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files …
|
CWE-22
Path Traversal
|
CVE-2016-4815
|
2024-11-21 11:53 |
2016-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265039
|
7.5 |
HIGH
Network
|
gsi
|
old_gsi_maps
|
Directory traversal vulnerability in kml2jsonp.php in Geospatial Information Authority of Japan (aka GSI) Old_GSI_Maps before January 2015 on Windows allows remote attackers to read arbitrary files v…
|
CWE-22
Path Traversal
|
CVE-2016-4814
|
2024-11-21 11:53 |
2016-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265040
|
8.8 |
HIGH
Network
|
netcommons
|
netcommons
|
NetCommons 2.4.2.1 and earlier allows remote authenticated secretariat (aka CLERK) users to gain privileges by creating a SYSTEM_ADMIN account.
|
CWE-284
Improper Access Control
|
CVE-2016-4813
|
2024-11-21 11:53 |
2016-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
