|
268121
|
7.5 |
HIGH
Network
|
huawei
|
honor_ws851_firmware
|
Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow remote attackers to obtain sensitive information via unspecified vectors, aka HWPSIRT-2016-05053.
|
CWE-200
Information Exposure
|
CVE-2016-5367
|
2024-11-21 11:54 |
2016-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268122
|
7.5 |
HIGH
Network
|
huawei
|
honor_ws851_firmware
|
Huawei Honor WS851 routers with software 1.1.21.1 and earlier allow remote attackers to modify configuration data via vectors related to a "file injection vulnerability," aka HWPSIRT-2016-05052.
|
CWE-284
Improper Access Control
|
CVE-2016-5366
|
2024-11-21 11:54 |
2016-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268123
|
9.8 |
CRITICAL
Network
|
huawei
|
honor_ws851_firmware
|
Stack-based buffer overflow in Huawei Honor WS851 routers with software 1.1.21.1 and earlier allows remote attackers to execute arbitrary commands with root privileges via unspecified vectors, aka HW…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5365
|
2024-11-21 11:54 |
2016-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268124
|
7.8 |
HIGH
Local
|
qemu
canonical
debian
|
qemu
ubuntu_linux
debian_linux
|
The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QE…
|
NVD-CWE-noinfo
|
CVE-2016-5338
|
2024-11-21 11:54 |
2016-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268125
|
5.5 |
MEDIUM
Local
|
qemu
canonical
debian
|
qemu
ubuntu_linux
debian_linux
|
The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control informat…
|
NVD-CWE-noinfo
|
CVE-2016-5337
|
2024-11-21 11:54 |
2016-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268126
|
9.8 |
CRITICAL
Network
|
citrix
|
xenserver
|
Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging c…
|
CWE-284
Improper Access Control
|
CVE-2016-5302
|
2024-11-21 11:54 |
2016-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268127
|
9.8 |
CRITICAL
Network
|
nodepdf_project
|
nodepdf
|
Input passed to the Pdf() function is shell escaped and passed to child_process.exec() during PDF rendering. However, the shell escape does not properly encode all special characters, namely, semicol…
|
CWE-77
Command Injection
|
CVE-2016-4991
|
2024-11-21 11:53 |
2022-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268128
|
2.5 |
LOW
Local
|
ethz
fedoraproject
redhat
|
xquest
fedora
enterprise_linux
|
A password generation weakness exists in xquest through 2016-06-13.
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2016-4980
|
2024-11-21 11:53 |
2019-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268129
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
Unspecified vulnerabilities in Google Chrome before 54.0.2840.59.
|
NVD-CWE-noinfo
|
CVE-2016-5194
|
2024-11-21 11:53 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268130
|
7.5 |
HIGH
Network
|
mozilla
debian
redhat
suse
avaya
|
nss
debian_linux
enterprise_linux
linux_enterprise_server
call_management_system
breeze_platform
iq
aura_application_server_5300
aura_application_enablement_services
aura_c…
|
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote m…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-5285
|
2024-11-21 11:53 |
2019-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
