|
269721
|
9.8 |
CRITICAL
Network
|
splunk
|
splunk
|
Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10126
|
2024-11-21 11:43 |
2017-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269722
|
8.1 |
HIGH
Network
|
dlink
|
dgs-1100_firmware
|
D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-10125
|
2024-11-21 11:43 |
2017-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269723
|
8.6 |
HIGH
Network
|
linuxcontainers
|
lxc
|
An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push c…
|
CWE-284
Improper Access Control
|
CVE-2016-10124
|
2024-11-21 11:43 |
2017-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269724
|
8.1 |
HIGH
Network
|
schedmd
|
slurm
|
The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure o…
|
CWE-284
Improper Access Control
|
CVE-2016-10030
|
2024-11-21 11:43 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269725
|
7.8 |
HIGH
Local
|
openbsd
|
openssh
|
The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local use…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10012
|
2024-11-21 11:43 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269726
|
5.5 |
MEDIUM
Local
|
openbsd
|
openssh
|
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging …
|
CWE-320
Key Management Errors
|
CVE-2016-10011
|
2024-11-21 11:43 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269727
|
7.0 |
HIGH
Local
|
openbsd
|
openssh
|
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10010
|
2024-11-21 11:43 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269728
|
7.3 |
HIGH
Network
|
openbsd
|
openssh
|
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-s…
|
CWE-426
Untrusted Search Path
|
CVE-2016-10009
|
2024-11-21 11:43 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269729
|
8.1 |
HIGH
Network
|
netgear
|
arlo_base_station_firmware
arlo_q_camera_firmware
arlo_q_plus_camera_firmware
|
NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier use a pattern of adj…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10116
|
2024-11-21 11:43 |
2017-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269730
|
9.8 |
CRITICAL
Network
|
netgear
|
arlo_base_station_firmware
arlo_q_camera_firmware
arlo_q_plus_camera_firmware
|
NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default passw…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-10115
|
2024-11-21 11:43 |
2017-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
