|
266221
|
7.8 |
HIGH
Local
|
nvidia
|
shield_tablet_firmware
shield_tablet_tk1_firmware
shield_tv_firmware
video_driver
|
Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6915
|
2024-11-21 11:57 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266222
|
7.8 |
HIGH
Local
|
nvidia
|
shield_tablet_firmware
shield_tablet_tk1_firmware
shield_tv_firmware
video_driver
|
Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6917
|
2024-11-21 11:57 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266223
|
7.8 |
HIGH
Local
|
nvidia
|
shield_tablet_firmware
shield_tablet_tk1_firmware
shield_tv_firmware
video_driver
|
Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denia…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-6916
|
2024-11-21 11:57 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266224
|
9.9 |
CRITICAL
Network
|
lshell_project
|
lshell
|
lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6903
|
2024-11-21 11:57 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266225
|
9.9 |
CRITICAL
Network
|
lshell_project
|
lshell
|
lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6902
|
2024-11-21 11:57 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266226
|
4.6 |
MEDIUM
Physics
|
redhat
|
quickstart_cloud_installer
|
The web interface in Red Hat QuickStart Cloud Installer (QCI) 1.0 does not mask passwords fields, which allows physically proximate attackers to obtain sensitive password information by reading the d…
|
CWE-200
Information Exposure
|
CVE-2016-7060
|
2024-11-21 11:57 |
2017-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266227
|
8.6 |
HIGH
Network
|
fasterxml
|
jackson-dataformat-xml
|
XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via ve…
|
CWE-611
CWE-918
XXE
Server-Side Request Forgery (SSRF)
|
CVE-2016-7051
|
2024-11-21 11:57 |
2017-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266228
|
7.0 |
HIGH
Local
|
todd_miller
|
sudo
|
sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.
|
CWE-284
Improper Access Control
|
CVE-2016-7032
|
2024-11-21 11:57 |
2017-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266229
|
7.5 |
HIGH
Network
|
botan_project
|
botan
|
The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value.
|
CWE-320
Key Management Errors
|
CVE-2016-6879
|
2024-11-21 11:57 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266230
|
9.8 |
CRITICAL
Network
|
botan_project
|
botan
|
The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstra…
|
CWE-20
Improper Input Validation
|
CVE-2016-6878
|
2024-11-21 11:57 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
