|
271331
|
7.5 |
HIGH
Network
|
intel
|
driver_update_utility
|
Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file.
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2016-1493
|
2024-11-21 11:46 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271332
|
6.1 |
MEDIUM
Network
|
cisco
|
unity_connection
|
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection (UC) 10.5(2.3009) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux82582.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1300
|
2024-11-21 11:46 |
2016-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271333
|
5.3 |
MEDIUM
Network
|
cisco
|
300_series_managed_switch_firmware
|
The web-management GUI implementation on Cisco Small Business SG300 devices 1.4.1.x allows remote attackers to cause a denial of service (HTTPS outage) via crafted HTTPS requests, aka Bug ID CSCuw871…
|
CWE-399
Resource Management Errors
|
CVE-2016-1299
|
2024-11-21 11:46 |
2016-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271334
|
8.1 |
HIGH
Network
|
tuxfamily
|
chrony
|
chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arb…
|
CWE-254
7PK - Security Features
|
CVE-2016-1567
|
2024-11-21 11:46 |
2016-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271335
|
6.1 |
MEDIUM
Adjacent
|
lenovo
|
shareit
|
The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveragi…
|
CWE-284
Improper Access Control
|
CVE-2016-1492
|
2024-11-21 11:46 |
2016-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271336
|
8.8 |
HIGH
Adjacent
|
lenovo
|
shareit
|
The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by lev…
|
CWE-255
Credentials Management
|
CVE-2016-1491
|
2024-11-21 11:46 |
2016-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271337
|
4.1 |
MEDIUM
Adjacent
|
lenovo
|
shareit
|
The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list.
|
CWE-200
Information Exposure
|
CVE-2016-1490
|
2024-11-21 11:46 |
2016-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271338
|
8.0 |
HIGH
Adjacent
|
lenovo
|
shareit
|
Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network…
|
CWE-200
CWE-254
Information Exposure
7PK - Security Features
|
CVE-2016-1489
|
2024-11-21 11:46 |
2016-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271339
|
7.8 |
HIGH
Local
|
debian
|
fuse
|
An unspecified udev rule in the Debian fuse package in jessie before 2.9.3-15+deb8u2, in stretch before 2.9.5-1, and in sid before 2.9.5-1 sets world-writable permissions for the /dev/cuse character …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1233
|
2024-11-21 11:46 |
2016-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271340
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_contact_center_express
|
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Contact Center Express 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via ve…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1298
|
2024-11-21 11:46 |
2016-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
