|
267301
|
5.3 |
MEDIUM
Network
|
gnupg
debian
canonical
|
libgcrypt
debian_linux
ubuntu_linux
gnupg
|
The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of …
|
CWE-200
Information Exposure
|
CVE-2016-6313
|
2024-11-21 11:55 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267302
|
7.5 |
HIGH
Network
|
imagemagick
oracle
|
imagemagick
solaris
|
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
|
CWE-125
Out-of-bounds Read
|
CVE-2016-5842
|
2024-11-21 11:55 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267303
|
9.8 |
CRITICAL
Network
|
imagemagick
oracle
|
imagemagick
solaris
|
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involvi…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-5841
|
2024-11-21 11:55 |
2016-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267304
|
7.5 |
HIGH
Network
|
gnu
|
tar
|
Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files v…
|
CWE-22
Path Traversal
|
CVE-2016-6321
|
2024-11-21 11:55 |
2016-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267305
|
7.5 |
HIGH
Network
|
busybox
|
busybox
|
The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a…
|
CWE-399
Resource Management Errors
|
CVE-2016-6301
|
2024-11-21 11:55 |
2016-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267306
|
5.3 |
MEDIUM
Network
|
ibm
|
maximo_asset_management
|
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5 before 7.5.0.10 IF4, and 7.6 before 7.6.0.5 IF3 allows remote attackers to obtain sensitive information via a crafted HTTP request that triggers …
|
CWE-20
Improper Input Validation
|
CVE-2016-5987
|
2024-11-21 11:55 |
2016-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267307
|
5.4 |
MEDIUM
Network
|
ibm
|
maximo_asset_management
|
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 before 7.5.0.10 IF3 and 7.6 before 7.6.0.5 IF2 allows remote authenticated users to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5905
|
2024-11-21 11:55 |
2016-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267308
|
5.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote authenticated users to change arbitrary passwords via unspecified vectors.
|
CWE-255
Credentials Management
|
CVE-2016-5890
|
2024-11-21 11:55 |
2016-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267309
|
2.5 |
LOW
Local
|
ibm
|
sterling_connect\
|
IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to cause a denial of service via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5992
|
2024-11-21 11:55 |
2016-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267310
|
4.5 |
MEDIUM
Local
|
ibm
|
sterling_connect\
|
IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5991
|
2024-11-21 11:55 |
2016-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
