|
272581
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The crypto scatterlist API in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memor…
|
CWE-399
Resource Management Errors
|
CVE-2016-10153
|
2024-11-21 11:43 |
2017-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272582
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or poss…
|
CWE-264
CWE-416
Permissions, Privileges, and Access Controls
Use After Free
|
CVE-2016-10150
|
2024-11-21 11:43 |
2017-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272583
|
9.8 |
CRITICAL
Network
|
sendquick
|
entera_sms_gateway_firmware
avera_sms_gateway_firmware
|
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. Multiple Command Injection vulnerabilities allow attackers to execute arbitrary system commands.
|
CWE-77
Command Injection
|
CVE-2016-10098
|
2024-11-21 11:43 |
2017-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272584
|
7.1 |
HIGH
Local
|
littlecms
debian
canonical
opensuse
redhat
netapp
|
little_cms_color_engine
debian_linux
ubuntu_linux
leap
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_server_tus
enterprise_lin…
|
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which …
|
CWE-125
Out-of-bounds Read
|
CVE-2016-10165
|
2024-11-21 11:43 |
2017-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272585
|
7.5 |
HIGH
Network
|
sap
|
saplpd
|
SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of Service vulnerability (service crash) with a long string to TCP port 515.
|
CWE-20
Improper Input Validation
|
CVE-2016-10079
|
2024-11-21 11:43 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272586
|
7.5 |
HIGH
Network
|
minitar
|
archive-tar-minitar
minitar
|
Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. (dot dot) in a TAR archive entry.
|
CWE-22
Path Traversal
|
CVE-2016-10173
|
2024-11-21 11:43 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272587
|
9.8 |
CRITICAL
Network
|
x.org
|
libxpm
|
Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or e…
|
CWE-119
CWE-787
CWE-190
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2016-10164
|
2024-11-21 11:43 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272588
|
10.0 |
CRITICAL
Network
|
mrf
|
web_panel
|
An issue was discovered in Radisys MRF Web Panel (SWMS) 9.0.1. The MSM_MACRO_NAME POST parameter in /swms/ms.cgi was discovered to be vulnerable to OS command injection attacks. It is possible to use…
|
CWE-78
OS Command
|
CVE-2016-10043
|
2024-11-21 11:43 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272589
|
7.5 |
HIGH
Network
|
libpng
|
libpng
|
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL poi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-10087
|
2024-11-21 11:43 |
2017-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272590
|
7.5 |
HIGH
Network
|
dlink
|
dwr-932b_firmware
|
An issue was discovered on the D-Link DWR-932B router. /var/miniupnpd.conf has no deny rules.
|
CWE-399
Resource Management Errors
|
CVE-2016-10186
|
2024-11-21 11:43 |
2017-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
