|
265241
|
6.0 |
MEDIUM
Local
|
qemu
|
qemu
|
The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU proce…
|
NVD-CWE-noinfo
|
CVE-2016-4964
|
2024-11-21 11:53 |
2016-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265242
|
6.6 |
MEDIUM
Local
|
nvidia
|
gpu_driver
|
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows…
|
CWE-20
Improper Input Validation
|
CVE-2016-5025
|
2024-11-21 11:53 |
2016-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265243
|
5.5 |
MEDIUM
Local
|
nvidia
|
geforce_experience
|
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA W…
|
CWE-20
Improper Input Validation
|
CVE-2016-4961
|
2024-11-21 11:53 |
2016-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265244
|
7.3 |
HIGH
Local
|
nvidia
|
geforce_experience
|
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privile…
|
CWE-20
Improper Input Validation
|
CVE-2016-4960
|
2024-11-21 11:53 |
2016-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265245
|
7.5 |
HIGH
Network
|
nvidia
|
gpu_driver
|
For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a …
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-4959
|
2024-11-21 11:53 |
2016-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265246
|
9.8 |
CRITICAL
Network
|
animas
|
onetouch_ping_firmware
|
Johnson & Johnson Animas OneTouch Ping devices allow remote attackers to bypass authentication via replay attacks.
|
CWE-287
Improper Authentication
|
CVE-2016-5086
|
2024-11-21 11:53 |
2016-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265247
|
7.5 |
HIGH
Network
|
animas
|
onetouch_ping_firmware
|
Johnson & Johnson Animas OneTouch Ping devices do not properly generate random numbers, which makes it easier for remote attackers to spoof meters by sniffing the network and then engaging in an auth…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2016-5085
|
2024-11-21 11:53 |
2016-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265248
|
7.5 |
HIGH
Network
|
animas
|
onetouch_ping_firmware
|
Johnson & Johnson Animas OneTouch Ping devices do not use encryption for certain data, which might allow remote attackers to obtain sensitive information by sniffing the network.
|
CWE-310
Cryptographic Issues
|
CVE-2016-5084
|
2024-11-21 11:53 |
2016-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265249
|
9.8 |
CRITICAL
Network
|
apache
|
myfaces_trinidad
|
CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x before 2.0.2, and 2.1.x before 2.1.2 might allow attackers to conduct deserialization attacks via …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-5019
|
2024-11-21 11:53 |
2016-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265250
|
9.8 |
CRITICAL
Network
|
c-ares_project
c-ares
debian
nodejs
canonical
|
c-ares
debian_linux
node.js
ubuntu_linux
|
Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code …
|
CWE-787
Out-of-bounds Write
|
CVE-2016-5180
|
2024-11-21 11:53 |
2016-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
