|
265001
|
9.8 |
CRITICAL
Network
|
php
|
php
|
Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote atta…
|
CWE-415
Double Free
|
CVE-2016-5768
|
2024-11-21 11:54 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265002
|
8.8 |
HIGH
Network
|
libgd
|
libgd
|
Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-5767
|
2024-11-21 11:54 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265003
|
8.8 |
HIGH
Network
|
redhat
freebsd
libgd
fedoraproject
debian
|
openshift
freebsd
enterprise_linux
libgd
fedora
debian_linux
|
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-5766
|
2024-11-21 11:54 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265004
|
4.8 |
MEDIUM
Network
|
google
oracle
linux
|
android
vm_server
linux_kernel
|
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-wi…
|
CWE-200
Information Exposure
|
CVE-2016-5696
|
2024-11-21 11:54 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265005
|
6.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infi…
|
CWE-399
Resource Management Errors
|
CVE-2016-5412
|
2024-11-21 11:54 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265006
|
4.3 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumpti…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5400
|
2024-11-21 11:54 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265007
|
6.5 |
MEDIUM
Network
|
redhat
|
openshift
|
The API server in Kubernetes, as used in Red Hat OpenShift Enterprise 3.2, in a multi tenant environment allows remote authenticated users with knowledge of other project names to obtain sensitive pr…
|
CWE-200
Information Exposure
|
CVE-2016-5392
|
2024-11-21 11:54 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265008
|
8.8 |
HIGH
Network
|
crestron
|
dm-txrx-100-str_firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities on Crestron Electronics DM-TXRX-100-STR devices with firmware through 1.3039.00040 allow remote attackers to hijack the authentication of ar…
|
CWE-352
Origin Validation Error
|
CVE-2016-5671
|
2024-11-21 11:54 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265009
|
9.8 |
CRITICAL
Network
|
crestron
|
dm-txrx-100-str_firmware
|
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 have a hardcoded password of admin for the admin account, which makes it easier for remote attackers to obtain access vi…
|
CWE-255
Credentials Management
|
CVE-2016-5670
|
2024-11-21 11:54 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265010
|
9.8 |
CRITICAL
Network
|
crestron
|
dm-txrx-100-str_firmware
|
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificate from an OpenSSL Test Certification Authority, which makes it easier…
|
NVD-CWE-Other
|
CVE-2016-5669
|
2024-11-21 11:54 |
2016-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
