|
271091
|
9.8 |
CRITICAL
Network
|
harman
|
amx_firmware
|
The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access v…
|
CWE-255
Credentials Management
|
CVE-2016-1984
|
2024-11-21 11:47 |
2016-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271092
|
9.3 |
CRITICAL
Network
|
sap
|
hana
|
The XS engine in SAP HANA allows remote attackers to spoof log entries in trace files and consequently cause a denial of service (disk consumption and process crash) via a crafted HTTP request, relat…
|
CWE-20
Improper Input Validation
|
CVE-2016-1929
|
2024-11-21 11:47 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271093
|
9.8 |
CRITICAL
Network
|
sap
|
hana
|
Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows remote attackers to cause a denial of service or execute arbitrary code via a crafted HTTP request, related to JSON, aka SAP Security…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1928
|
2024-11-21 11:47 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271094
|
9.8 |
CRITICAL
Network
|
fedoraproject
cgit_project
|
fedora
cgit
|
Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1901
|
2024-11-21 11:47 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271095
|
3.7 |
LOW
Network
|
fedoraproject
cgit_project
|
fedora
cgit
|
CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit before 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP heade…
|
NVD-CWE-Other
|
CVE-2016-1900
|
2024-11-21 11:47 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271096
|
3.7 |
LOW
Network
|
fedoraproject
cgit_project
|
fedora
cgit
|
CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (X…
|
NVD-CWE-Other
|
CVE-2016-1899
|
2024-11-21 11:47 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271097
|
6.5 |
MEDIUM
Network
|
jasper_project
|
jasper
|
The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1867
|
2024-11-21 11:47 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271098
|
5.3 |
MEDIUM
Network
|
openbsd
|
openssh
|
The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1907
|
2024-11-21 11:47 |
2016-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271099
|
7.3 |
HIGH
Network
|
php
|
php
|
Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) ph…
|
CWE-189
Numeric Errors
|
CVE-2016-1904
|
2024-11-21 11:47 |
2016-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271100
|
9.1 |
CRITICAL
Network
|
php
|
php
|
The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or ca…
|
CWE-119
CWE-200
Incorrect Access of Indexable Resource ('Range Error')
Information Exposure
|
CVE-2016-1903
|
2024-11-21 11:47 |
2016-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
