|
266511
|
8.8 |
HIGH
Adjacent
|
pidgin
|
mxit
|
The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain log…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-2379
|
2024-11-21 11:48 |
2017-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266512
|
7.5 |
HIGH
Network
|
uclibc-ng_project
|
uclibc-ng
|
The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via a crafted packet.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-2225
|
2024-11-21 11:48 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266513
|
7.5 |
HIGH
Network
|
uclibc-ng_project
|
uclibc-ng
|
The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via vectors involving compressed items in a reply.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-2224
|
2024-11-21 11:48 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266514
|
4.3 |
MEDIUM
Network
|
huawei
|
document_security_management
|
The permission control module in Huawei Document Security Management (aka DSM) before V100R002C05SPC670 allows remote authenticated users to obtain sensitive information from encrypted documents by l…
|
CWE-275
Permission Issues
|
CVE-2016-2406
|
2024-11-21 11:48 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266515
|
7.8 |
HIGH
Local
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar 7.2 stores the encryption key used to encrypt the service account password which can be obtained by a local user. IBM Reference #: 1997340.
|
CWE-320
Key Management Errors
|
CVE-2016-2880
|
2024-11-21 11:48 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266516
|
7.8 |
HIGH
Local
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a local user to obtain and decrypt user credentials. IBM Reference #: 1997341.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-2879
|
2024-11-21 11:48 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266517
|
7.8 |
HIGH
Local
|
gnu
|
libiberty
|
Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow.
|
CWE-119
CWE-190
Incorrect Access of Indexable Resource ('Range Error')
Integer Overflow or Wraparound
|
CVE-2016-2226
|
2024-11-21 11:48 |
2017-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266518
|
6.1 |
MEDIUM
Network
|
adcon_telemetry
|
a850_telemetry_gateway_base_station_firmware
|
An issue was discovered in Adcon Telemetry A850 Telemetry Gateway Base Station. The Web Interface does not neutralize or incorrectly neutralizes user-controllable input before it is placed in the out…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2274
|
2024-11-21 11:48 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266519
|
9.8 |
CRITICAL
Network
|
puppet
|
marionette_collective
puppet_enterprise
|
MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers to execute arbitrary code via vectors related to the mco ping command.
|
CWE-284
Improper Access Control
|
CVE-2016-2788
|
2024-11-21 11:48 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266520
|
5.3 |
MEDIUM
Network
|
puppetlabs
puppet
|
puppet_enterprise
|
The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not properly validate certificates for the broker node, which allows remote non-whitelisted hosts to prevent runs…
|
CWE-284
Improper Access Control
|
CVE-2016-2787
|
2024-11-21 11:48 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
