|
265091
|
4.4 |
MEDIUM
Local
|
qemu
canonical
debian
|
qemu
ubuntu_linux
debian_linux
|
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2016-4453
|
2024-11-21 11:52 |
2016-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265092
|
7.5 |
HIGH
Network
|
sensiolabs
debian
|
symfony
debian_linux
|
The attemptAuthentication function in Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php in Symfony before 2.3.41, 2.7.x before 2.7.13, 2.8.x before 2.8.6, and 3.0.x befo…
|
CWE-399
Resource Management Errors
|
CVE-2016-4423
|
2024-11-21 11:52 |
2016-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265093
|
9.1 |
CRITICAL
Network
|
apache
|
qpid_broker-j
|
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to co…
|
CWE-287
Improper Authentication
|
CVE-2016-4432
|
2024-11-21 11:52 |
2016-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265094
|
5.8 |
MEDIUM
Network
|
moxa
|
uc-7408_lx-plus
uc-7408_lx-plus_firmware
|
Moxa UC-7408 LX-Plus devices allow remote authenticated users to write to the firmware, and consequently render a device unusable, by leveraging root access.
|
CWE-254
7PK - Security Features
|
CVE-2016-4500
|
2024-11-21 11:52 |
2016-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265095
|
9.8 |
CRITICAL
Network
|
sixnet
|
bt-5_series_cellular_router_firmware
bt-6_series_cellular_router_firmware
|
Sixnet BT-5xxx and BT-6xxx M2M devices before 3.8.21 and 3.9.x before 3.9.8 have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-4521
|
2024-11-21 11:52 |
2016-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265096
|
8.0 |
HIGH
Network
|
resourcedm
|
intuitive_650_tdb_controller
|
Cross-site request forgery (CSRF) vulnerability on Resource Data Management (RDM) Intuitive 650 TDB Controller devices before 2.1.24 allows remote authenticated users to hijack the authentication of …
|
CWE-352
Origin Validation Error
|
CVE-2016-4506
|
2024-11-21 11:52 |
2016-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265097
|
8.8 |
HIGH
Network
|
resourcedm
|
intuitive_650_tdb_controller
|
Resource Data Management (RDM) Intuitive 650 TDB Controller devices before 2.1.24 allow remote authenticated users to modify arbitrary passwords via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-4505
|
2024-11-21 11:52 |
2016-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265098
|
7.5 |
HIGH
Network
|
envirosys
|
esc_8832_data_controller
|
Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier allows remote attackers to bypass intended access restrictions and execute arbitrary functions via a modified parameter.
|
CWE-284
Improper Access Control
|
CVE-2016-4502
|
2024-11-21 11:52 |
2016-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265099
|
5.3 |
MEDIUM
Network
|
siemens
|
siprotec_firmware
|
A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.0…
|
CWE-200
Information Exposure
|
CVE-2016-4785
|
2024-11-21 11:52 |
2016-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265100
|
5.3 |
MEDIUM
Network
|
siemens
|
siprotec_firmware
|
A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.0…
|
CWE-200
Information Exposure
|
CVE-2016-4784
|
2024-11-21 11:52 |
2016-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
