|
269811
|
7.8 |
HIGH
Local
|
adups
|
adups_fota
|
An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the c…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10138
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269812
|
7.8 |
HIGH
Local
|
adups
|
adups_fota
|
An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sys…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10137
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269813
|
7.8 |
HIGH
Local
|
adups
|
adups_fota
|
An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sys…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10136
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269814
|
5.5 |
MEDIUM
Local
|
lg
|
lg_mobile
|
An issue was discovered on LG devices using the MTK chipset with L(5.0/5.1), M(6.0/6.0.1), and N(7.0) software, and RCA Voyager Tablet, BLU Advance 5.0, and BLU R1 HD devices. The MTKLogger app with …
|
CWE-200
Information Exposure
|
CVE-2016-10135
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269815
|
5.9 |
MEDIUM
Network
|
igniterealtime
fedoraproject
|
smack
fedora
|
Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of clea…
|
CWE-362
Race Condition
|
CVE-2016-10027
|
2024-11-21 11:43 |
2017-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269816
|
9.8 |
CRITICAL
Network
|
codeigniter
|
codeigniter
|
system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email->from field to insert sendmail command-line arguments.
|
CWE-74
Injection
|
CVE-2016-10131
|
2024-11-21 11:43 |
2017-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269817
|
9.8 |
CRITICAL
Network
|
splunk
|
splunk
|
Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10126
|
2024-11-21 11:43 |
2017-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269818
|
8.1 |
HIGH
Network
|
dlink
|
dgs-1100_firmware
|
D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-10125
|
2024-11-21 11:43 |
2017-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269819
|
8.6 |
HIGH
Network
|
linuxcontainers
|
lxc
|
An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push c…
|
CWE-284
Improper Access Control
|
CVE-2016-10124
|
2024-11-21 11:43 |
2017-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269820
|
8.1 |
HIGH
Network
|
schedmd
|
slurm
|
The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure o…
|
CWE-284
Improper Access Control
|
CVE-2016-10030
|
2024-11-21 11:43 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
