|
266781
|
7.5 |
HIGH
Network
|
php
|
php
|
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session d…
|
CWE-74
Injection
|
CVE-2016-7125
|
2024-11-21 11:57 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266782
|
9.8 |
CRITICAL
Network
|
php
|
php
|
ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-7124
|
2024-11-21 11:57 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266783
|
8.8 |
HIGH
Network
|
google
|
chrome
|
SkPath.cpp in Skia, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, does not properly validate the return values of ChopMonoAtY calls, which allows …
|
CWE-19
Data Processing Errors
|
CVE-2016-7395
|
2024-11-21 11:57 |
2016-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266784
|
5.9 |
MEDIUM
Network
|
debian
wireshark
|
debian_linux
wireshark
|
epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial …
|
CWE-416
Use After Free
|
CVE-2016-7180
|
2024-11-21 11:57 |
2016-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266785
|
5.9 |
MEDIUM
Network
|
debian
wireshark
|
debian_linux
wireshark
|
Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (applicat…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-7179
|
2024-11-21 11:57 |
2016-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266786
|
5.9 |
MEDIUM
Network
|
wireshark
debian
|
wireshark
debian_linux
|
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a …
|
CWE-787
Out-of-bounds Write
|
CVE-2016-7178
|
2024-11-21 11:57 |
2016-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266787
|
5.9 |
MEDIUM
Network
|
debian
wireshark
|
debian_linux
wireshark
|
epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-7177
|
2024-11-21 11:57 |
2016-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266788
|
5.9 |
MEDIUM
Network
|
wireshark
debian
|
wireshark
debian_linux
|
epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark 2.x before 2.0.6 calls snprintf with one of its input buffers as the output buffer, which allows remote attackers to cause a denial o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-7176
|
2024-11-21 11:57 |
2016-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266789
|
5.9 |
MEDIUM
Network
|
wireshark
|
wireshark
|
epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-7175
|
2024-11-21 11:57 |
2016-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266790
|
9.8 |
CRITICAL
Network
|
huawei
|
uma
|
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7109.
|
CWE-94
Code Injection
|
CVE-2016-7110
|
2024-11-21 11:57 |
2016-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
