|
266961
|
9.8 |
CRITICAL
Network
|
busybox
debian
canonical
|
busybox
debian_linux
ubuntu_linux
|
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2148
|
2024-11-21 11:47 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266962
|
7.5 |
HIGH
Network
|
busybox
debian
canonical
|
busybox
debian_linux
ubuntu_linux
|
Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-o…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-2147
|
2024-11-21 11:47 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266963
|
8.1 |
HIGH
Network
|
netapp
|
oncommand_workflow_automation
|
NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors.
|
CWE-284
Improper Access Control
|
CVE-2016-1894
|
2024-11-21 11:47 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266964
|
6.5 |
MEDIUM
Network
|
libdwarf_project
|
libdwarf
|
The get_abbrev_array_info function in libdwarf-20151114 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted elf file.
|
CWE-787
Out-of-bounds Write
|
CVE-2016-2050
|
2024-11-21 11:47 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266965
|
5.5 |
MEDIUM
Local
|
samsung
|
knox
|
Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service.
|
CWE-284
Improper Access Control
|
CVE-2016-1920
|
2024-11-21 11:47 |
2017-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266966
|
4.7 |
MEDIUM
Local
|
samsung
|
knox
|
Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack.
|
CWE-310
CWE-200
Cryptographic Issues
Information Exposure
|
CVE-2016-1919
|
2024-11-21 11:47 |
2017-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266967
|
9.8 |
CRITICAL
Network
|
lha_for_unix_project
|
lha_for_unix
|
Integer underflow in header.c in lha allows remote attackers to have unspecified impact via a large header size value for the (1) level0 or (2) level1 header in a lha archive, which triggers a buffer…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2016-1925
|
2024-11-21 11:47 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266968
|
7.4 |
HIGH
Network
|
hexchat_project
|
hexchat
|
Directory traversal vulnerability in the client in HexChat 2.11.0 allows remote IRC servers to read or modify arbitrary files via a .. (dot dot) in the server name.
|
CWE-22
Path Traversal
|
CVE-2016-2087
|
2024-11-21 11:47 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266969
|
9.8 |
CRITICAL
Network
|
fedoraproject
freedesktop
debian
canonical
|
fedora
libbsd
debian_linux
ubuntu_linux
|
Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2090
|
2024-11-21 11:47 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266970
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the in…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2016-1981
|
2024-11-21 11:47 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
