|
266491
|
3.4 |
LOW
Local
|
siemens
|
apogee_insight
|
Siemens APOGEE Insight uses weak permissions for the application folder, which allows local users to obtain sensitive information or modify data via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-3155
|
2024-11-21 11:49 |
2016-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266492
|
9.8 |
CRITICAL
Network
|
pcre
|
pcre
pcre2
|
The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parent…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-3191
|
2024-11-21 11:49 |
2016-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266493
|
9.8 |
CRITICAL
Network
|
ruby-lang
debian
|
ruby
debian_linux
|
An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags …
|
CWE-787
Out-of-bounds Write
|
CVE-2016-2338
|
2024-11-21 11:48 |
2022-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266494
|
9.8 |
CRITICAL
Network
|
milesight
|
ip_security_camera_firmware
|
Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-2360
|
2024-11-21 11:48 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266495
|
9.8 |
CRITICAL
Network
|
milesight
|
ip_security_camera_firmware
|
Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource.
|
CWE-287
Improper Authentication
|
CVE-2016-2359
|
2024-11-21 11:48 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266496
|
9.8 |
CRITICAL
Network
|
milesight
|
ip_security_camera_firmware
|
Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user account…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-2358
|
2024-11-21 11:48 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266497
|
9.8 |
CRITICAL
Network
|
milesight
|
ip_security_camera_firmware
|
Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-2357
|
2024-11-21 11:48 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266498
|
9.8 |
CRITICAL
Network
|
milesight
|
ip_security_camera_firmware
|
Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password.
|
CWE-120
Classic Buffer Overflow
|
CVE-2016-2356
|
2024-11-21 11:48 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266499
|
5.5 |
MEDIUM
Local
|
audacityteam
|
audacity
|
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2541
|
2024-11-21 11:48 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266500
|
5.5 |
MEDIUM
Local
|
audacityteam
|
audacity
|
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2540
|
2024-11-21 11:48 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
