|
265901
|
4.2 |
MEDIUM
Local
|
panasonic
|
fpwin_pro
|
Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by triggering a crafted index value, a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4496
|
2024-11-21 11:52 |
2016-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265902
|
6.1 |
MEDIUM
Network
|
ikiwiki
debian
|
ikiwiki
debian_linux
|
Cross-site scripting (XSS) vulnerability in the cgierror function in CGI.pm in ikiwiki before 3.20160506 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4561
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265903
|
7.5 |
HIGH
Network
|
squid-cache
oracle
canonical
|
squid
linux
ubuntu_linux
|
Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
|
NVD-CWE-Other
|
CVE-2016-4556
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265904
|
7.5 |
HIGH
Network
|
squid-cache
canonical
oracle
|
squid
ubuntu_linux
linux
|
client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.
|
CWE-20
Improper Input Validation
|
CVE-2016-4555
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265905
|
8.6 |
HIGH
Network
|
oracle
squid-cache
canonical
|
linux
squid
ubuntu_linux
|
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header sm…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2016-4554
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265906
|
8.6 |
HIGH
Network
|
canonical
squid-cache
oracle
|
ubuntu_linux
squid
linux
|
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks vi…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2016-4553
|
2024-11-21 11:52 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265907
|
7.8 |
HIGH
Local
|
google
|
android
|
wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or caus…
|
CWE-19
Data Processing Errors
|
CVE-2016-4477
|
2024-11-21 11:52 |
2016-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265908
|
7.5 |
HIGH
Network
|
w1.fi
canonical
|
wpa_supplicant
hostapd
ubuntu_linux
|
hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) …
|
CWE-20
Improper Input Validation
|
CVE-2016-4476
|
2024-11-21 11:52 |
2016-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265909
|
9.8 |
CRITICAL
Network
|
libpam-sshauth_project
debian
|
libpam-sshauth
debian_linux
|
The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account.
|
CWE-287
Improper Authentication
|
CVE-2016-4422
|
2024-11-21 11:52 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265910
|
7.5 |
HIGH
Network
|
mcafee
|
livesafe
|
Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted packed exe…
|
CWE-20
Improper Input Validation
|
CVE-2016-4535
|
2024-11-21 11:52 |
2016-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
