|
266181
|
7.5 |
HIGH
Network
|
gnupg
canonical
|
libksba
ubuntu_linux
|
The append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.3 allows remote attackers to cause a denial of service (out-of-bounds read) by clearing the high bit of the byte after in…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4356
|
2024-11-21 11:51 |
2016-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266182
|
7.5 |
HIGH
Network
|
gnupg
canonical
|
libksba
ubuntu_linux
|
Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4355
|
2024-11-21 11:51 |
2016-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266183
|
7.5 |
HIGH
Network
|
canonical
gnupg
|
ubuntu_linux
libksba
|
ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4354
|
2024-11-21 11:51 |
2016-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266184
|
7.5 |
HIGH
Network
|
gnupg
canonical
|
libksba
ubuntu_linux
|
ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.
|
CWE-20
Improper Input Validation
|
CVE-2016-4353
|
2024-11-21 11:51 |
2016-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266185
|
5.5 |
MEDIUM
Local
|
huawei
|
hilink_app
|
The Huawei Hilink App application before 3.19.2 for Android does not validate SSL certificates, which allows local users to have unspecified impact via unknown vectors, aka HWPSIRT-2016-03008.
|
CWE-310
Cryptographic Issues
|
CVE-2016-4005
|
2024-11-21 11:51 |
2016-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266186
|
9.8 |
CRITICAL
Network
|
medhost
|
perioperative_information_management_system
|
MEDHOST Perioperative Information Management System (aka PIMS or VPIMS) before 2015R1 has hardcoded credentials, which makes it easier for remote attackers to obtain sensitive information via direct …
|
NVD-CWE-Other
|
CVE-2016-4328
|
2024-11-21 11:51 |
2016-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266187
|
9.8 |
CRITICAL
Network
|
chef
|
chef_manage
|
The Chef Manage (formerly opscode-manage) add-on before 1.12.0 for Chef allows remote attackers to execute arbitrary code via crafted serialized data in a cookie.
|
NVD-CWE-Other
|
CVE-2016-4326
|
2024-11-21 11:51 |
2016-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266188
|
8.8 |
HIGH
Network
|
hpe
|
project_and_portfolio_management_center
|
HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before 9.32.0002 allows remote authenticated users to execute arbitrary commands or obtain sensitive information via unspecified vector…
|
NVD-CWE-noinfo
|
CVE-2016-4370
|
2024-11-21 11:51 |
2016-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266189
|
8.8 |
HIGH
Network
|
hp
|
discovery_and_dependency_mapping_inventory
|
HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted s…
|
CWE-284
Improper Access Control
|
CVE-2016-4369
|
2024-11-21 11:51 |
2016-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266190
|
9.8 |
CRITICAL
Network
|
hp
|
universal_cmbd_foundation
universal_cmbd_configuration_manager
universal_discovery
|
HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a c…
|
CWE-20
Improper Input Validation
|
CVE-2016-4368
|
2024-11-21 11:51 |
2016-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
