|
268041
|
9.8 |
CRITICAL
Network
|
php
|
php
|
PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other im…
|
CWE-416
Use After Free
|
CVE-2016-9138
|
2024-11-21 12:00 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268042
|
9.8 |
CRITICAL
Network
|
php
|
php
|
Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have un…
|
CWE-416
Use After Free
|
CVE-2016-9137
|
2024-11-21 12:00 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268043
|
7.5 |
HIGH
Network
|
torproject
|
tor
|
Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-8860
|
2024-11-21 12:00 |
2017-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268044
|
6.5 |
MEDIUM
Network
|
cisco
|
jabber_guest
|
A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts. More Information: CSCvc31635. Known Affected Releases: 10.…
|
CWE-20
Improper Input Validation
|
CVE-2016-9224
|
2024-11-21 12:00 |
2016-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268045
|
9.8 |
CRITICAL
Network
|
cisco
|
cloudcenter_orchestrator
|
A vulnerability in the Docker Engine configuration of Cisco CloudCenter Orchestrator (CCO; formerly CliQr) could allow an unauthenticated, remote attacker to install Docker containers with high privi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-9223
|
2024-11-21 12:00 |
2016-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268046
|
8.8 |
HIGH
Network
|
cisco
|
intercloud_fabric
|
A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers could allow an unauthenticated, remote attacker to connect to the database used by these products. Mo…
|
CWE-285
Improper Authorization
|
CVE-2016-9217
|
2024-11-21 12:00 |
2016-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268047
|
7.5 |
HIGH
Network
|
tarantool
|
tarantool
|
An exploitable out-of-bounds array access vulnerability exists in the xrow_header_decode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-9037
|
2024-11-21 12:00 |
2016-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268048
|
7.5 |
HIGH
Network
|
tarantool
|
msgpuck
|
An exploitable incorrect return value vulnerability exists in the mp_check function of Tarantool's Msgpuck library 1.0.3. A specially crafted packet can cause the mp_check function to incorrectly ret…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-9036
|
2024-11-21 12:00 |
2016-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268049
|
7.5 |
HIGH
Network
|
siemens
|
desigo_web_module_pxa30-w0_firmware
desigo_web_module_pxa30-w1_firmware
desigo_web_module_pxa30-w2_firmware
desigo_web_module_pxa40-w0_firmware
desigo_web_module_pxa40-w1_firmware
desi…
|
Siemens Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 for Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D (All firmware versions < V6.00.046) and Desigo PX Web modu…
|
CWE-332
Insufficient Entropy in PRNG
|
CVE-2016-9154
|
2024-11-21 12:00 |
2016-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268050
|
7.1 |
HIGH
Local
|
image-info_project
|
image-info_for_perl
|
perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could c…
|
CWE-611
XXE
|
CVE-2016-9181
|
2024-11-21 12:00 |
2016-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
