|
265061
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-4440
|
2024-11-21 11:52 |
2016-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265062
|
6.1 |
MEDIUM
Network
|
schneider-electric
|
powerlogic_pm8ecc_firmware
|
Cross-site scripting (XSS) vulnerability in the Schneider Electric PowerLogic PM8ECC module before 2.651 for PowerMeter 800 devices allows remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2016-4513
|
2024-11-21 11:52 |
2016-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265063
|
5.0 |
MEDIUM
Local
|
advantech
|
webaccess
|
Buffer overflow in Advantech WebAccess before 8.1_20160519 allows local users to cause a denial of service via a crafted DLL file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4528
|
2024-11-21 11:52 |
2016-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265064
|
6.6 |
MEDIUM
Local
|
advantech
|
webaccess
|
Unspecified ActiveX controls in Advantech WebAccess before 8.1_20160519 allow remote authenticated users to obtain sensitive information or modify data via unknown vectors, related to the INTERFACESA…
|
NVD-CWE-noinfo
|
CVE-2016-4525
|
2024-11-21 11:52 |
2016-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265065
|
9.8 |
CRITICAL
Network
|
unitronics
|
visilogic_oplc_ide
|
Stack-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.30 allows remote attackers to execute arbitrary code via a crafted filename field in a ZIP archive in a vlp file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4519
|
2024-11-21 11:52 |
2016-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265066
|
6.5 |
MEDIUM
Network
|
osisoft
|
pi_sql_data_access_server_2016
|
OSIsoft PI SQL Data Access Server (aka OLE DB) 2016 1.5 allows remote authenticated users to cause a denial of service (service outage and data loss) via a message.
|
CWE-20
Improper Input Validation
|
CVE-2016-4530
|
2024-11-21 11:52 |
2016-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265067
|
6.5 |
MEDIUM
Network
|
osisoft
|
pi_af_server_2016
|
OSIsoft PI AF Server before 2016 2.8.0 allows remote authenticated users to cause a denial of service (service outage) via a message.
|
CWE-20
Improper Input Validation
|
CVE-2016-4518
|
2024-11-21 11:52 |
2016-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265068
|
7.7 |
HIGH
Network
|
moxa
|
pt-7728
pt-7728_firmware
|
Moxa PT-7728 devices with software 3.4 build 15081113 allow remote authenticated users to change the configuration via vectors involving a local proxy.
|
CWE-863
Incorrect Authorization
|
CVE-2016-4514
|
2024-11-21 11:52 |
2016-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265069
|
7.5 |
HIGH
Network
|
gnupg
opensuse
canonical
|
libksba
leap
ubuntu_linux
|
Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via unspecified vectors, related to the "returned length of the object from _ksba_ber_parse_tl…
|
CWE-20
Improper Input Validation
|
CVE-2016-4579
|
2024-11-21 11:52 |
2016-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265070
|
7.5 |
HIGH
Network
|
gnupg
canonical
opensuse
|
libksba
ubuntu_linux
leap
opensuse
|
Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded…
|
CWE-189
Numeric Errors
|
CVE-2016-4574
|
2024-11-21 11:52 |
2016-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
