|
266551
|
5.9 |
MEDIUM
Network
|
pidgin
canonical
debian
|
pidgin
ubuntu_linux
debian_linux
|
An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server,…
|
CWE-200
CWE-125
Information Exposure
Out-of-bounds Read
|
CVE-2016-2367
|
2024-11-21 11:48 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266552
|
5.9 |
MEDIUM
Network
|
pidgin
canonical
debian
|
pidgin
ubuntu_linux
debian_linux
|
A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-2366
|
2024-11-21 11:48 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266553
|
5.9 |
MEDIUM
Network
|
pidgin
canonical
debian
|
pidgin
ubuntu_linux
debian_linux
|
A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a null pointer dereference. A mali…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-2365
|
2024-11-21 11:48 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266554
|
9.8 |
CRITICAL
Network
|
ruby-lang
|
ruby
|
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is m…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2339
|
2024-11-21 11:48 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266555
|
9.8 |
CRITICAL
Network
|
ruby-lang
|
ruby
|
Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution.
|
NVD-CWE-Other
|
CVE-2016-2337
|
2024-11-21 11:48 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266556
|
9.8 |
CRITICAL
Network
|
ruby-lang
|
ruby
|
Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code e…
|
NVD-CWE-Other
|
CVE-2016-2336
|
2024-11-21 11:48 |
2017-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266557
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registe…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-2198
|
2024-11-21 11:48 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266558
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure (FIS) and Command List B…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-2197
|
2024-11-21 11:48 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266559
|
7.8 |
HIGH
Local
|
hp
|
thinpro
|
HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2246
|
2024-11-21 11:48 |
2016-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266560
|
6.8 |
MEDIUM
Physics
|
kde
fedoraproject
opensuse
|
kscreenlocker
plasma-workspace
fedora
leap
|
Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again.
|
CWE-254
7PK - Security Features
|
CVE-2016-2312
|
2024-11-21 11:48 |
2016-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
