|
265431
|
7.5 |
HIGH
Network
|
openbsd
|
openssh
|
The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE:…
|
CWE-399
Resource Management Errors
|
CVE-2016-8858
|
2024-11-21 12:00 |
2016-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265432
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by cal…
|
CWE-264
CWE-416
Permissions, Privileges, and Access Controls
Use After Free
|
CVE-2016-9120
|
2024-11-21 12:00 |
2016-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265433
|
6.1 |
MEDIUM
Network
|
spip
|
spip
|
Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in SPIP 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the rac parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2016-9152
|
2024-11-21 12:00 |
2016-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265434
|
9.8 |
CRITICAL
Network
|
siemens
|
sicam_pas\/pqs
|
A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Service condition and potentially lead to unauthenticated remote code execution by …
|
CWE-20
CWE-284
Improper Input Validation
Improper Access Control
|
CVE-2016-9157
|
2024-11-21 12:00 |
2016-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265435
|
7.3 |
HIGH
Network
|
siemens
|
sicam_pas\/pqs
|
A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted pa…
|
CWE-20
CWE-284
Improper Input Validation
Improper Access Control
|
CVE-2016-9156
|
2024-11-21 12:00 |
2016-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265436
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allows local users to cause a denial o…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-9313
|
2024-11-21 12:00 |
2016-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265437
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a…
|
CWE-20
CWE-399
Improper Input Validation
Resource Management Errors
|
CVE-2016-9191
|
2024-11-21 12:00 |
2016-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265438
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel before 4.7.5 does not initialize a certain integer variable, which allows local users to obtain sensitive information…
|
CWE-200
Information Exposure
|
CVE-2016-9178
|
2024-11-21 12:00 |
2016-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265439
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other i…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-9084
|
2024-11-21 12:00 |
2016-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265440
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact…
|
CWE-119
CWE-190
Incorrect Access of Indexable Resource ('Range Error')
Integer Overflow or Wraparound
|
CVE-2016-9083
|
2024-11-21 12:00 |
2016-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
