|
265581
|
7.0 |
HIGH
Local
|
setroubleshoot_project
redhat
|
setroubleshoot
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
|
The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the comma…
|
CWE-77
Command Injection
|
CVE-2016-4444
|
2024-11-21 11:52 |
2017-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265582
|
7.5 |
HIGH
Network
|
xmlsoft
debian
oracle
|
libxml2
debian_linux
solaris
|
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-4483
|
2024-11-21 11:52 |
2017-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265583
|
8.8 |
HIGH
Network
|
pivotal_software
cloudfoundry
|
cloud_foundry_elastic_runtime
cloud_foundry
cloud_foundry_uaa
cloud_foundry_ops_manager
cloud_foundry_uaa_bosh
|
SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; UAA 2.x before 2.7.4.4, 3.x before 3.3.0.2, and 3.4.x before 3.4.1; UAA BOSH before 11.2 and 12.x before 12.2; Elastic Runtime b…
|
CWE-89
SQL Injection
|
CVE-2016-4468
|
2024-11-21 11:52 |
2017-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265584
|
8.8 |
HIGH
Network
|
meteocontrol
|
weblog
|
A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generate…
|
CWE-352
Origin Validation Error
|
CVE-2016-4504
|
2024-11-21 11:52 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265585
|
5.5 |
MEDIUM
Local
|
gnu
|
libiberty
|
The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted b…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-4493
|
2024-11-21 11:52 |
2017-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265586
|
4.4 |
MEDIUM
Local
|
gnu
|
libiberty
|
Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4492
|
2024-11-21 11:52 |
2017-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265587
|
5.5 |
MEDIUM
Local
|
gnu
|
libiberty
|
The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4491
|
2024-11-21 11:52 |
2017-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265588
|
5.5 |
MEDIUM
Local
|
gnu
|
libiberty
|
Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and in…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-4490
|
2024-11-21 11:52 |
2017-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265589
|
5.5 |
MEDIUM
Local
|
gnu
|
libiberty
|
Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtu…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-4489
|
2024-11-21 11:52 |
2017-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265590
|
5.5 |
MEDIUM
Local
|
gnu
|
libiberty
|
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec."
|
CWE-416
Use After Free
|
CVE-2016-4488
|
2024-11-21 11:52 |
2017-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
