|
266921
|
9.8 |
CRITICAL
Network
|
pam_tacplus_project
|
pam_tacplus
|
In pam_tacplus.c in pam_tacplus before 1.4.1, pam_sm_acct_mgmt does not zero out the arep data structure.
|
NVD-CWE-Other
|
CVE-2016-20014
|
2024-11-21 11:47 |
2022-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266922
|
7.5 |
HIGH
Network
|
sha256crypt_project
sha512crypt_project
|
sha256crypt
sha512crypt
|
sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2016-20013
|
2024-11-21 11:47 |
2022-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266923
|
5.9 |
MEDIUM
Network
|
samba
debian
fedoraproject
redhat
canonical
|
samba
debian_linux
fedora
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_for_scientific_computing
enterprise_linux
enterprise_linux_server
enterprise_l…
|
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
|
CWE-287
Improper Authentication
|
CVE-2016-2124
|
2024-11-21 11:47 |
2022-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266924
|
5.3 |
MEDIUM
Network
|
openbsd
netapp
|
openssh
ontap_select_deploy_administration_utility
clustered_data_ontap
solidfire
hci_management_node
|
OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occu…
|
NVD-CWE-Other
|
CVE-2016-20012
|
2024-11-21 11:47 |
2021-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266925
|
7.5 |
HIGH
Network
|
gnome
|
libgrss
|
libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents of feeds without detection. This occurs because of the…
|
CWE-295
Improper Certificate Validation
|
CVE-2016-20011
|
2024-11-21 11:47 |
2021-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266926
|
10.0 |
CRITICAL
Network
|
ewww
|
image_optimizer
|
EWWW Image Optimizer before 2.8.5 allows remote command execution because it relies on a protection mechanism involving boolval, which is unavailable before PHP 5.5.
|
NVD-CWE-noinfo
|
CVE-2016-20010
|
2024-11-21 11:47 |
2021-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266927
|
9.8 |
CRITICAL
Network
|
windriver
siemens
|
vxworks
sgt-100_firmware
sgt-200_firmware
sgt-300_firmware
sgt-400_firmware
sgt-a20_firmware
sgt-a35_firmware
sgt-a65_firmware
|
A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
|
CWE-787
Out-of-bounds Write
|
CVE-2016-20009
|
2024-11-21 11:47 |
2021-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266928
|
9.8 |
CRITICAL
Network
|
rest\/json_project
|
rest\/json
|
The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
|
CWE-863
Incorrect Authorization
|
CVE-2016-20005
|
2024-11-21 11:47 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266929
|
9.8 |
CRITICAL
Network
|
rest\/json_project
|
rest\/json
|
The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
|
CWE-863
Incorrect Authorization
|
CVE-2016-20004
|
2024-11-21 11:47 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266930
|
7.5 |
HIGH
Network
|
rest\/json_project
|
rest\/json
|
The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
|
NVD-CWE-Other
|
CVE-2016-20003
|
2024-11-21 11:47 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
