|
264791
|
5.9 |
MEDIUM
Network
|
matrixssl
|
matrixssl
|
The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via a CRT attack.
|
CWE-200
Information Exposure
|
CVE-2016-6887
|
2024-11-21 11:57 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264792
|
7.5 |
HIGH
Network
|
matrixssl
|
matrixssl
|
The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read and crash) via a (1) zero value or (2) the key's modulus for the secret k…
|
CWE-320
Key Management Errors
|
CVE-2016-6886
|
2024-11-21 11:57 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264793
|
7.5 |
HIGH
Network
|
matrixssl
|
matrixssl
|
The pstm_exptmod function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid free and crash) via a base zero value for the modular exponentiation.
|
CWE-416
Use After Free
|
CVE-2016-6885
|
2024-11-21 11:57 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264794
|
7.5 |
HIGH
Network
|
ntp
canonical
redhat
hpe
|
ntp
ubuntu_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_tus
enterprise_linux_server_aus
enterprise_linux_server_eus…
|
NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent r…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-7426
|
2024-11-21 11:57 |
2017-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264795
|
7.5 |
HIGH
Network
|
matrixssl
|
matrixssl
|
The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (free of unallocated memory) via a crafted X.509 certificate.
|
CWE-416
Use After Free
|
CVE-2016-6892
|
2024-11-21 11:57 |
2017-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264796
|
7.5 |
HIGH
Network
|
matrixssl
|
matrixssl
|
MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate.
|
CWE-125
Out-of-bounds Read
|
CVE-2016-6891
|
2024-11-21 11:57 |
2017-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264797
|
9.8 |
CRITICAL
Network
|
matrixssl
|
matrixssl
|
Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6890
|
2024-11-21 11:57 |
2017-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264798
|
6.3 |
MEDIUM
Network
|
wordpress
|
wordpress
|
Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authent…
|
CWE-22
Path Traversal
|
CVE-2016-7169
|
2024-11-21 11:57 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264799
|
4.8 |
MEDIUM
Network
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2016-7168
|
2024-11-21 11:57 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264800
|
9.8 |
CRITICAL
Network
|
veritas
|
netbackup_appliance_firmware
|
scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metac…
|
CWE-77
Command Injection
|
CVE-2016-7399
|
2024-11-21 11:57 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
